Title: Mobile information security management for small organisation technology upgrades: the policy-driven approach and the evolving implementation approach
Authors: Martin Brodin; Jeremy Rose
Addresses: Department of Systems Sciences, School of Informatics, University of Skövde, Box 408, SE-541 28, Skövde, Sweden ' Department of Systems Sciences, School of Informatics, University of Skövde, Box 408, SE-541 28, Skövde, Sweden
Abstract: Information security management researchers are often focused on the information security policy, its implementation and evaluation as the primary means of ensuring that organisations protect their valuable data. However, information security is usually nested with a variety of other concerns (for instance technology upgrades, information access, efficiency and sustainability issues, employee satisfaction), so this policy-driven approach is seldom operated in isolation. We investigate the approach as implied in the mobile information security literature, provide a literature-inspired characterisation and use it to analyse an iPad implementation for politicians in a Swedish municipality. The analysis provides only a partial explanation for security work in this kind of small organisation technology upgrade, so we develop a complementary approach: the evolving implementation approach. A suggestion is made for how the two approaches can be reconciled, and implications for both practitioners and researchers derived.
Keywords: information management; mobile devices; implementation; device strategy; IS management.
International Journal of Mobile Communications, 2020 Vol.18 No.5, pp.598 - 618
Received: 16 May 2018
Accepted: 01 Apr 2019
Published online: 30 Sep 2020 *