Independent thesis Advanced level (degree of Master (Two Years)), 80 credits / 120 HE credits
Recently, organisations are using mobile devices and associated applications to connect and access organisational information from enterprise domain and the trend is growing. Rapid changes in technologies are enforcing organisations to accept the use of mobile devices within the enterprise network, to access digital assets. As such, Bring Your Own Device (BYOD) and mobile devices are causing information security risks within enterprises.
To lower such risks, organisations need to adopt frameworks like Cyber Essentials and ISO 27001. Recent regulations, such as Cyber Essentials, General Data Processing Regulation (GDPR), have introduced new requirements, and research into the challenges of meeting those is still incomplete (Harris, 2018, Kahol, 2019 and Baker, 2018 & Musarurwa and Flowerday, 2019). Hence, this research will focus on providing insight into those issues, by investigating people, processes and technology and discussing how the organisation can meet these additional requirements.
The aim of proposed research is to investigate the challenges of BYOD and mobile device security compliance. Qualitative research method is used to conduct this research. Survey, interview and focus group were carried out to collect data and conclude the outcome. Different target groups were used, namely policy makers, technicians, helpdesk staff, and end users, as a way of gaining insight into multiple perspectives within key stakeholders. Interviewing policymakers and manager could help us to understand what are they doing practically, how they are controlling those devices or what is their plan to control them for effective information security practice. The information gathered from technicians, helpdesk staff and users aims to aid understanding of the practical implementation challenges in more detail.
User behaviour in BYOD and mobile device security and effective user awareness and training are identified as the most prominent challenge is BYOD and mobile device security. The research outcome is useful to maintain the list of requirements to improve and maintain BYOD and mobile devices related information security within organisations.
2020. , p. 115