References
- 27001Academy. (2017a). Clause-by-clause explanation of ISO 27001.
- 27001Academy. (2017b). Diagram of ISO 27001 risk assessment and treatment process. https://cdn2.hubspot.net/hubfs/1983423/27001Academy/27001Academy_FreeDownloads/Diagram_of_ISO_27001_risk_assessment_and_treatment_process_EN.pdf?utm_campaign=free-resources-27001&utm_source=hs_automation&utm_medium=email&utm_content=50020281&_hsenc=p2ANqtz-9usCc12nPeBCl58pNYfIh5gx18Bg9LW8KEbJ1DA14CtobtaTzfDCg1LZTt8iwF2p89dad7iJSIqK4J7gNi4JzA_SWxvYVFUwAM1wolyYaoaIRt-gE&_hsmi=50020281
- Absalom, R. (2012). International data privacy legislation review: A guide for BYOD policies. Ovum Consulting, IT006, 234, 3–5.
- Abubakar Garba, B., Murray, D., & Armarego, J. (2017). A systematic approach to investigating how information security and privacy can be achieved in BYOD environments. Information and Computer Security, 25(4), 475–492. https://doi.org/https://doi.org/10.1108/ICS-03-2016-0025
- AlHarthy, K., & Shawkat, W. (2013, 29 Nov.-1 Dec. 2013). Implement network security control solutions in BYOD environment. Paper presented at the 2013 IEEE International Conference on Control System, Computing and Engineering.
- Ali, S., Qureshi, M. N., & Abbasi, A. G. (2015, 18–18 Dec. 2015). Analysis of BYOD security frameworks. Paper presented at the 2015 Conference on Information Assurance and Cyber Security (CIACS).
- Alotaibi, B., & Almagwashi, H. (2018, 4–6 April 2018). A review of BYOD security challenges, solutions and policy best practices. Paper presented at the 2018 1st International Conference on Computer Applications & Information Security (ICCAIS). IEEE
- Amoud, M., & Roudies, O. (2017). Experiences in secure integration of Byod. Paper presented at the Proceedings of the 7th International Conference on Information Communication and Management, Moscow, Russian Federation.
- Armando, A., Costa, G., Merlo, A., Verderame, L., & Wrona, K. (2016, 23–24 May 2016). Developing a NATO BYOD security policy. Paper presented at the 2016 International Conference on Military Communications and Information Systems (ICMCIS). IEEE
- Avizienis, A., Laprie, J.-C., Randell, B., & Landwehr, C. (2004b). Basic concepts and taxonomy of dependable and secure computing. IEEE Consumer Electronics Magazine, 1, 1. IEEE transactions on dependable and secure computing
- Baillette, P., Barlette, Y., & Leclercq-Vandelannoitte, A. (2018). Bring your own device in organizations: Extending the reversed IT adoption logic to security paradoxes for CEOs and end users. International Journal of Information Management, 43, 76–84. https://doi.org/https://doi.org/10.1016/j.ijinfomgt.2018.07.007
- Bann, L. L., Singh, M. M., & Samsudin, A. (2015). Trusted security policies for tackling advanced persistent threat via Spear Phishing in BYOD environment. Procedia Computer Science, 72, 129–136. https://doi.org/https://doi.org/10.1016/j.procs.2015.12.113
- Bello Garba, A., Armarego, J., & Murray, D. (2015). Bring your own device organizational information security and privacy. ARPN Journal of Engineering and Applied Sciences, 10(3), 1279–1287.
- CCMB- 2012-09-001. (2012). Common criteria for information technology.
- Cho, V., & Ip, W. H. (2018). A study of BYOD adoption from the lens of threat and coping appraisal of its security policy. Enterprise Information Systems, 12(6), 659–673. https://doi.org/https://doi.org/10.1080/17517575.2017.1404132
- Chung, S., Chung, S., Escrig, T., Bai, Y., & Endicott-Popovsky, B. (2012, 14–16 Dec. 2012). 2TAC: Distributed access control architecture for “Bring Your Own Device” security. Paper presented at the 2012 ASE/IEEE International Conference on BioMedical Computing (BioMedCom).
- Crossler, R. E., Long, J. H., Loraas, T. M., & Trinkle, B. S. (2014). Understanding compliance with Bring Your Own Device policies utilizing protection motivation theory: bridging the intention-behavior gap. Journal of Information Systems, 28(1), 209–226. https://doi.org/https://doi.org/10.2308/isys-50704
- de las Cuevas, P., Mora, A. M., Merelo, J. J., Castillo, P. A., García-Sánchez, P., & Fernández-Ares, A., & de las Cuevas, P., Mora, A. M., Merelo, J. J., Castillo, P. A., García-Sánchez, P., & Fernández-Ares, A. (2015). Corporate security solutions for BYOD: A novel user-centric and self-adaptive system. Computer Communications, 68, 83–95. https://doi.org/https://doi.org/10.1016/j.comcom.2015.07.019
- Disterer, G. (2013a). Iso/iec 27000, 27001 and 27002 for information security management. http://file.scirp.org/Html/4-7800154_30059.htm
- Disterer, G. (2013b). ISO/IEC 27000, 27001 and 27002 for information security management. Journal of Information Security, 4(2), 9. https://doi.org/https://doi.org/10.4236/jis.2013.42011
- Downer, K., & Bhattacharya, M. (2015, 19–21 Dec. 2015). BYOD security: A new business challenge. Paper presented at the 2015 IEEE International Conference on Smart City/SocialCom/SustainCom (SmartCity).
- Fani, N., Solms, R. V., & Gerber, M. (2016, 11–13 May 2016). Governing information security within the context of “bring your own device in SMMEs”. Paper presented at the 2016 IST-Africa Week Conference.
- Garba, A. B., Armarego, J., & Murray, D. (2015). A policy-based framework for managing information security and privacy risks in BYOD environments. International Journal of Emerging Trends & Technology in Computer Science, 4(2), 189–198.
- Garba, A. B., Armarego, J., Murray, D., & Kenworthy, W. (2015). Review of the information security and privacy challenges in Bring Your Own Device (BYOD) environments. Journal of Information Privacy & Security, 11(1), 38–54. http://www.ezproxy.dsu.edu:2048/login?url=https://search.proquest.com/docview/1691289631?accountid=27073.
- Gerber, N., Gerber, P., & Volkamer, M. (2018). Explaining the privacy paradox: A systematic review of literature investigating privacy attitude and behavior. Computers & Security, 77, 226–261. https://doi.org/https://doi.org/10.1016/j.cose.2018.04.002
- Gimenez, S., Ramamurthy, B., & Wang, Y. (2015). A survey on extending the organization’s network using the Bring Your Own Device (BYOD) environment. Technical Report, University of Nebraska-Lincoln.
- Giwah, A. D. (2018, 19-22 April 2018). User information security behavior towards data breach in Bring Your Own Device (BYOD) enabled organizations - leveraging protection motivation theory. Paper presented at the SoutheastCon 2018.
- Grundshutz. (2004). Grundshutz IT manual elementary threats.
- Grundshutz, G. I. German IT Grundshutz Suplement overview excerpts
- Guttman, B., & Roback, E. A. (1995). Sp 800-12. the NIST handbook.
- Hajdarevic, K., Allen, P., & Spremic, M. (2016, 22–23 Nov. 2016). Proactive security metrics for Bring Your Own Device (BYOD) in ISO 27001 supported environments. Paper presented at the 2016 24th Telecommunications Forum (TELFOR).
- Hernandez, A., & Choi, Y. (2014). Securing BYOD networks: Inherent vulnerabilities and emerging feasible technologies. International Journal of Computer and Information Technology, 3(5).
- Herrera, A. V., Ron, M., & Rabadão, C. (2017). National cyber-security policies oriented to BYOD (bring your own device): Systematic review. Paper presented at the Information Systems and Technologies (CISTI), 2017 12th Iberian Conference on.
- Hovav, A., & Putri, F. F. (2016). This is my device! Why should I follow your rules? Employees’ compliance with BYOD security policy. Pervasive and Mobile Computing, 32, 35–49. https://doi.org/https://doi.org/10.1016/j.pmcj.2016.06.007
- ISACA. (2016). IS Audit/Assurance program for BYOD. www.isaca.org
- ISACA. (2019a). ISACA cybersecurity fundamentals glossary. https://www.isaca.org/Knowledge-Center/Documents/Glossary/Cybersecurity_Fundamentals_glossary.pdf
- ISACA. (2019b). ISACA glossary. https://www.isaca.org/Knowledge-Center/Documents/Glossary/glossary.pdf
- Ketel, M. (2018, 19-22 April 2018). Enhancing BYOD security through SDN. Paper presented at the SoutheastCon 2018.
- Ketel, M., & Shumate, T. (2015, 9–12 April 2015). Bring Your Own Device: Security technologies. Paper presented at the SoutheastCon 2015.
- Kiely, L., & Benzel, T. V. (2006). Systemic security management. IEEE Security & Privacy, 4(6), 74–77. https://doi.org/https://doi.org/10.1109/MSP.2006.167
- Lennon, R. G. (2012, 25–27 Oct. 2012). Changing user attitudes to security in bring your own device (BYOD) & the cloud. Paper presented at the 2012 5th Romania Tier 2 Federation Grid, Cloud & High Performance Computing Science (RQLCG).
- Li, F., Huang, C., Huang, J., & Peng, W. (2014, 4–7 Aug. 2014). Feedback-based smartphone strategic sampling for BYOD security. Paper presented at the 2014 23rd International Conference on Computer Communication and Networks (ICCCN).
- Liberati, A., Altman, D. G., Tetzlaff, J., Mulrow, C., Gøtzsche, P. C., Ioannidis, J. P., Clarke, M., Devereaux, P. J., Kleijnen, J., & Moher, D. (2009). The PRISMA statement for reporting systematic reviews and meta-analyses of studies that evaluate health care interventions: Explanation and elaboration. PLoS Medicine, 6(7), e1000100. https://doi.org/https://doi.org/10.1371/journal.pmed.1000100
- McCumber, J. (2004). Assessing and managing security risk in IT systems: A structured methodology. CRC Press.
- Miller, K. W., Voas, J., & Hurlburt, G. F. (2012). BYOD: Security and privacy considerations. IT Professional, 14(5), 53–55. https://doi.org/https://doi.org/10.1109/MITP.2012.93
- Morrow, B. (2012). BYOD security challenges: Control and protect your most sensitive data. Network Security, 2012(12), 5–8. https://doi.org/https://doi.org/10.1016/S1353-4858(12)70111-3
- Moyer, J. E. (2013). Managing mobile devices in hospitals: A literature review of BYOD policies and usage. Journal of Hospital Librarianship, 13(3), 197–208. https://doi.org/https://doi.org/10.1080/15323269.2013.798768
- Musarurwa, A., Flowerday, S., & Cilliers, L. (2018). An information security behavioural model for the bring-your-own-device trend. South African Journal of Information Management, 20(1). https://doi.org/https://doi.org/10.4102/sajim.v20i1.980
- Ngai, E. W., Hu, Y., Wong, Y., Chen, Y., & Sun, X. (2011). The application of data mining techniques in financial fraud detection: A classification framework and an academic review of literature. Decision Support Systems, 50(3), 559–569. https://doi.org/https://doi.org/10.1016/j.dss.2010.08.006
- Ocano, S. G., Ramamurthy, B., & Wang, Y. (2015, 16–19 Feb. 2015). Remote mobile screen (RMS): An approach for secure BYOD environments. Paper presented at the 2015 International Conference on Computing, Networking and Communications (ICNC).
- Ogie, R. (2016). Bring Your Own Device: An overview of risk assessment. IEEE Consumer Electronics Magazine, 5(1), 114–119. https://doi.org/https://doi.org/10.1109/MCE.2015.2484858
- Oktavia, T., Yanti, H., Prabowo, H., & Meyliana, H. (2016). Security and privacy challenge in Bring Your Own Device environment: A systematic literature review. In (pp. 194–199).
- Petrov, D., & Znati, T. (2018, 18–20 Oct. 2018). Context-aware deep learning-driven framework for mitigation of security risks in BYOD-enabled environments. Paper presented at the 2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC).
- Ratchford, M. M., & Wang, Y. (2019). BYOD-insure: A security assessment model for enterprise BYOD. Paper presented at the 2019 Fifth Conference on Mobile and Secure Services (MobiSecServ).
- Romer, H. (2014). Best practices for BYOD security. Computer Fraud & Security, 2014(1), 13–15. https://doi.org/https://doi.org/10.1016/S1361-3723(14)70007-7
- Salles-Loustau, G., Garcia, L., Joshi, K., & Zonouz, S. (2016, 28 June-1 July 2016). Don’t just BYOD, Bring-Your-Own-App Too! Protection via virtual micro security perimeters. Paper presented at the 2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).
- Samaras, V., Daskapan, S., Ahmad, R., & Ray, S. K. (2014, 26–28 Nov. 2014). An enterprise security architecture for accessing SaaS cloud services with BYOD. Paper presented at the 2014 Australasian Telecommunication Networks and Applications Conference (ATNAC).
- Scarfo, A. (2012, 12–14 Nov. 2012). New security perspectives around BYOD. Paper presented at the 2012 Seventh International Conference on Broadband, Wireless Computing, Communication and Applications.
- Scarfone, K. A., Souppaya, M. P., & Hoffman, P. (2011). Sp 800–125. guide to security for full virtualization technologies.
- Shirey, R. W. (2000). Internet security glossary.
- Soomro, Z. A., Shah, M. H., & Ahmed, J. (2016). Information security management needs more holistic approach: A literature review. International Journal of Information Management, 36(2), 215–225. https://doi.org/https://doi.org/10.1016/j.ijinfomgt.2015.11.009
- Souppaya, M., & Scarfone, K. (2013). NIST special publication 800-124 guidelines for managing the security of mobile devices in the enterprise. Gaithersburg, USA: National Institute of Standards and Technology, (1–29).
- Souppaya, M., & Scarfone, K. (2016a). NIST 800–46 rev 2 guide to enterprise telework, remote access, and Bring Your Own Device (BYOD) security. http://csrc.nist.gov/publications/drafts/800-46r2/sp800_46r2_draft.pdf
- Souppaya, M., & Scarfone, K. (2016b). NIST 800–114 rev 1 user’s guide to telework and Bring Your Own Device (BYOD) security. http://csrc.nist.gov/publications/drafts/800-114r1/sp800_114r1_draft.pdf
- Stoecklin, M. P., Singh, K., Koved, L., Hu, X., Chari, S. N., Rao, J. R., Cheng, P.-C., Christodorescu, M., Sailer, R., & Schales, D. L. (2016). Passive security intelligence to analyze the security risks of mobile/BYOD activities. IBM Journal of Research and Development, 60(4), 9:1–9:13. https://doi.org/https://doi.org/10.1147/JRD.2016.2569858
- Thielens, J. (2013). Why APIs are central to a BYOD security strategy. Network Security, 2013(8), 5–6. https://doi.org/https://doi.org/10.1016/S1353-4858(13)70091-6
- Thompson, G. (2012). BYOD: Enabling the chaos. Network Security, 2012(2). https://doi.org/http://dx.doi.org/10.1016/S1353-4858(12)70013-2.
- Tokuyoshi, B. (2013). The security implications of BYOD. Network Security, 2013(4), 12–13. http://www.sciencedirect.com/science/article/pii/S1353485813700503
- United-Kingdom. (2012). Businesses failing to communicate bring your own device best practice to employees. MENA Report, http://www.ezproxy.dsu.edu:2048/login?url=https://www.ezproxy.dsu.edu:2206/docview/1080987877?accountid=27073
- Utter, C., & Rea, A. (2015). The ‘Bring Your Own Device’ Conundrum form Organizations and Investigators: An Examination of the Policy and Legan Concerns in Light of Investigatory Challenges. Journal of Digital Forensics, Security & Law, V, 10(2), 55.
- Vignesh, U., & Asha, S. (2015). Modifying Security Policies Towards BYOD. Procedia Computer Science, 50, 511–516. https://doi.org/https://doi.org/10.1016/j.procs.2015.04.023
- Von Solms, B. (2006). Information security–the fourth wave. Computers & Security, 25(3), 165–168. https://doi.org/https://doi.org/10.1016/j.cose.2006.03.004
- Wang, Y., Wei, J., & Vangury, K. (2014). Bring your own device security issues and challenges. Paper presented at the Consumer Communications and Networking Conference (CCNC), 2014 IEEE 11th.
- Webster, J., & Watson, R. T. (2002). Analyzing the past to prepare for the future: Writing a literature review. MIS Quarterly, xiii–xxiii.
- Wei, P., Feng, L., Han, K. J., Xukai, Z., & Jie, W. (2013, 14–16 Oct. 2013). T-dominance: Prioritized defense deployment for BYOD security. Paper presented at the 2013 IEEE Conference on Communications and Network Security (CNS).
- Yang, T. A., Vlas, R., Yang, A., & Vlas, C. (2013, 8–14 Sept. 2013). Risk Management in the Era of BYOD: The Quintet of Technology Adoption, Controls, Liabilities, User Perception, and User Behavior. Paper presented at the 2013 International Conference on Social Computing.
- Zahadat, N., Blessner, P., Blackburn, T., & Olson, B. A. (2015). BYOD security engineering: A framework and its analysis. Computers & Security, 55, 81–99. https://doi.org/https://doi.org/10.1016/j.cose.2015.06.011
- Zheng, Y., Cao, Y., & Chang, C. (2018, 12–14 Jan. 2018). Facial biohashing based user-device physical unclonable function for bring your own device security. Paper presented at the 2018 IEEE International Conference on Consumer Electronics (ICCE).