Title: BYOD security issues and controls framework: an outcome of a systematic literature review

Authors: Thembekile O. Mayayise

Addresses: Information Systems Division, School of Business Sciences, University of the Witwatersrand, South Africa

Abstract: Various organisations and individuals consider the bring your own device (BYOD) practice as a flexible method for remote working. However, as cybercrime continues to surge under the current teleworking climate, organisations are compelled to strengthen their existing security posture. The aim of this study was to uncover the BYOD security issues and appropriate controls through a systematic literature review (SLR) of peer-reviewed journal articles from 2010-2021 as a guide to propose a BYOD security controls conceptual framework. The following databases were used for this study: Science Direct, Taylor and Francis, Springer Link and IEEE Explore. The SLR outcome revealed various BYOD security issues and controls and these are classified into people, process, and technology categories. The security controls from the SLR and the diffusion of innovation and deterrence theories are artefacts of the proposed BYOD security conceptual framework. This study contributes to the broader body of knowledge of information and cybersecurity.

Keywords: bring your own device; BYOD; information security; mobile devices; IT consumerisation; cybersecurity; security controls; systematic literature reviews; theories.

DOI: 10.1504/IJICS.2023.131095

International Journal of Information and Computer Security, 2023 Vol.21 No.1/2, pp.135 - 161

Received: 09 Apr 2021
Accepted: 16 Nov 2021

Published online: 26 May 2023 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article