Title: Mobile information security management for small organisation technology upgrades: the policy-driven approach and the evolving implementation approach

Authors: Martin Brodin; Jeremy Rose

Addresses: Department of Systems Sciences, School of Informatics, University of Skövde, Box 408, SE-541 28, Skövde, Sweden ' Department of Systems Sciences, School of Informatics, University of Skövde, Box 408, SE-541 28, Skövde, Sweden

Abstract: Information security management researchers are often focused on the information security policy, its implementation and evaluation as the primary means of ensuring that organisations protect their valuable data. However, information security is usually nested with a variety of other concerns (for instance technology upgrades, information access, efficiency and sustainability issues, employee satisfaction), so this policy-driven approach is seldom operated in isolation. We investigate the approach as implied in the mobile information security literature, provide a literature-inspired characterisation and use it to analyse an iPad implementation for politicians in a Swedish municipality. The analysis provides only a partial explanation for security work in this kind of small organisation technology upgrade, so we develop a complementary approach: the evolving implementation approach. A suggestion is made for how the two approaches can be reconciled, and implications for both practitioners and researchers derived.

Keywords: information management; mobile devices; implementation; device strategy; IS management.

DOI: 10.1504/IJMC.2020.10023760

International Journal of Mobile Communications, 2020 Vol.18 No.5, pp.598 - 618

Received: 16 May 2018
Accepted: 01 Apr 2019

Published online: 30 Sep 2020 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article