Exploring information systems security implications posed by BYOD for a financial services firm

Q2 Economics, Econometrics and Finance

Business Information Review Pub Date : 2021-08-11 DOI:10.1177/02663821211036400

Joel Chigada, Naailah Daniels

{"title":"Exploring information systems security implications posed by BYOD for a financial services firm","authors":"Joel Chigada, Naailah Daniels","doi":"10.1177/02663821211036400","DOIUrl":null,"url":null,"abstract":"This study explores information systems security implications posed by Bring Your Own Device concept in financial services firms. Thus, the findings and recommendations from this study will help financial services and other organisations to be cognisant of the importance of BYOD policy formulation. The use of BYOD has become prevalent in the workplace due to the increased dependence on the Internet and advancements in technologies. It is beneficial to the organisation in that employees buy, use and insure their own devices, thus, the organisation does not bear these costs. However, there is a huge cost to the company if the use and connection of BYODs to the company’s Information Technology infrastructure is not regulated and monitored. BYODs expose information and information systems assets to threat actors. Financial institutions handle very sensitive information, making them a target for data breach and the adoption of BYODs more hazardous. A qualitative research method was conducted with eight (8) purposefully selected participants working in the Risk, IT and Information Systems Security departments of the financial institution. Telephonic interviews were conducted in line with the national protocols of the global Corona Virus Disease-2019 (COVID-19) pandemic. The study revealed the absence of a BYOD policy and employees could use any number of personal devices without restrictions. Users were aware of information systems security policies and protocols because of the annual training and awareness programmes.","PeriodicalId":39735,"journal":{"name":"Business Information Review","volume":"38 1","pages":"115 - 126"},"PeriodicalIF":0.0000,"publicationDate":"2021-08-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Business Information Review","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1177/02663821211036400","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"Economics, Econometrics and Finance","Score":null,"Total":0}

引用次数: 5

Abstract

This study explores information systems security implications posed by Bring Your Own Device concept in financial services firms. Thus, the findings and recommendations from this study will help financial services and other organisations to be cognisant of the importance of BYOD policy formulation. The use of BYOD has become prevalent in the workplace due to the increased dependence on the Internet and advancements in technologies. It is beneficial to the organisation in that employees buy, use and insure their own devices, thus, the organisation does not bear these costs. However, there is a huge cost to the company if the use and connection of BYODs to the company’s Information Technology infrastructure is not regulated and monitored. BYODs expose information and information systems assets to threat actors. Financial institutions handle very sensitive information, making them a target for data breach and the adoption of BYODs more hazardous. A qualitative research method was conducted with eight (8) purposefully selected participants working in the Risk, IT and Information Systems Security departments of the financial institution. Telephonic interviews were conducted in line with the national protocols of the global Corona Virus Disease-2019 (COVID-19) pandemic. The study revealed the absence of a BYOD policy and employees could use any number of personal devices without restrictions. Users were aware of information systems security policies and protocols because of the annual training and awareness programmes.

查看原文本刊更多论文

为一家金融服务公司探讨自带设备对信息系统安全的影响

本研究探讨了金融服务公司自带设备概念对信息系统安全的影响。因此，这项研究的结果和建议将有助于金融服务和其他组织认识到BYOD政策制定的重要性。由于对互联网的依赖和技术的进步，BYOD的使用在工作场所变得普遍。这对组织是有益的，因为员工购买，使用和保险自己的设备，因此，组织不承担这些费用。然而，如果不规范和监控自带设备与公司信息技术基础设施的使用和连接，则会给公司带来巨大的成本。byod将信息和信息系统资产暴露给威胁行为者。金融机构处理非常敏感的信息，使其成为数据泄露的目标，采用byod的风险更大。本研究采用定性研究方法，有目的地选择了8名在金融机构风险、IT和信息系统安全部门工作的参与者。根据2019冠状病毒病(COVID-19)全球大流行的国家方案进行了电话采访。该研究显示，由于没有BYOD政策，员工可以不受限制地使用任意数量的个人设备。由于每年的培训和提高认识计划，用户已了解资讯系统的保安政策和协议。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Business Information Review Economics, Econometrics and Finance-Economics, Econometrics and Finance (miscellaneous)

CiteScore

2.50

自引率

0.00%

发文量

期刊介绍： Business Information Review (BIR) is concerned with information and knowledge management within organisations. To be successful organisations need to gain maximum value from exploiting relevant information and knowledge. BIR deals with information strategies and operational good practice across the range of activities required to deliver this information dividend. The journal aims to highlight developments in the economic, social and technological landscapes that will impact the way organisations operate. BIR also provides insights into the factors that contribute to individual professional success.