Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
The challenges of ISO 27001 and Cyber Essentialscompliance for BYOD and mobile device security
LuleƄ University of Technology, Department of Computer Science, Electrical and Space Engineering.
2020 (English)Independent thesis Advanced level (degree of Master (Two Years)), 80 credits / 120 HE creditsStudent thesis
Abstract [en]

Recently, organisations are using mobile devices and associated applications to connect and access organisational information from enterprise domain and the trend is growing. Rapid changes in technologies are enforcing organisations to accept the use of mobile devices within the enterprise network, to access digital assets. As such, Bring Your Own Device (BYOD) and mobile devices are causing information security risks within enterprises.

To lower such risks, organisations need to adopt frameworks like Cyber Essentials and ISO 27001. Recent regulations, such as Cyber Essentials, General Data Processing Regulation (GDPR), have introduced new requirements, and research into the challenges of meeting those is still incomplete (Harris, 2018, Kahol, 2019 and Baker, 2018 & Musarurwa and Flowerday, 2019). Hence, this research will focus on providing insight into those issues, by investigating people, processes and technology and discussing how the organisation can meet these additional requirements.

The aim of proposed research is to investigate the challenges of BYOD and mobile device security compliance. Qualitative research method is used to conduct this research. Survey, interview and focus group were carried out to collect data and conclude the outcome. Different target groups were used, namely policy makers, technicians, helpdesk staff, and end users, as a way of gaining insight into multiple perspectives within key stakeholders. Interviewing policymakers and manager could help us to understand what are they doing practically, how they are controlling those devices or what is their plan to control them for effective information security practice. The information gathered from technicians, helpdesk staff and users aims to aid understanding of the practical implementation challenges in more detail.

User behaviour in BYOD and mobile device security and effective user awareness and training are identified as the most prominent challenge is BYOD and mobile device security. The research outcome is useful to maintain the list of requirements to improve and maintain BYOD and mobile devices related information security within organisations.

Place, publisher, year, edition, pages
2020. , p. 115
Keywords [en]
ISO 27001, Cyber Essentials, BYOD and mobile device security
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:ltu:diva-80836OAI: oai:DiVA.org:ltu-80836DiVA, id: diva2:1468410
Educational program
Information Security, master's level (120 credits)
Supervisors
Available from: 2020-10-15 Created: 2020-09-17 Last updated: 2020-10-15Bibliographically approved

Open Access in DiVA

No full text in DiVA

By organisation
Department of Computer Science, Electrical and Space Engineering
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 404 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf