Search results
1 – 10 of over 22000
This study aims to investigate the differences in security-conscious (group A) and regular (group B) users’ behaviors and practices on mobile devices.
Abstract
Purpose
This study aims to investigate the differences in security-conscious (group A) and regular (group B) users’ behaviors and practices on mobile devices.
Design/methodology/approach
A survey was used to investigate the differences in behaviors and practices of security-conscious users (group A) and regular users (group B) on mobile devices. Each group will have 50 participants for a total of 100.
Findings
The analysis revealed differences in the behaviors and practices of security-conscious and regular users. The results indicated that security-conscious users engage in behaviors and practices that are more secure on mobile devices when compared with regular users.
Research limitations/implications
The results will help recommend the best behaviors and practices for mobile device users, increasing mobile device security.
Social implications
The results will help society to be more aware of security behaviors and practices on mobile devices.
Originality/value
This study answers the call for addressing the weaknesses and vulnerabilities in mobile device security. It develops a research instrument to measure the differences in behaviors and practices of security-conscious and regular mobile device users.
Details
Keywords
Fatih Erdoğdu, Seyfullah Gökoğlu and Mehmet Kara
The current study aimed to develop and validate Mobile Information Security Awareness Scale (MISAS) based on the prototype model for measuring information security awareness and…
Abstract
Purpose
The current study aimed to develop and validate Mobile Information Security Awareness Scale (MISAS) based on the prototype model for measuring information security awareness and the relevant literature.
Design/methodology/approach
The scale was developed and validated with the participation of 562 students from four universities. The construct validity of the scale was tested through exploratory factor analysis and confirmatory factor analysis.
Findings
The reliability of the scale was tested through corrected item-total correlations and Cronbach alpha. The MISAS includes six factors and 17 items. The identified factors were labeled as backup, instant messaging and navigation, password protection, update, access permission and using others' devices.
Research limitations/implications
The scale included only the human aspects of mobile information security. The technical aspects are not within the scope of this study. For this reason, future studies might develop and validate a different scale focusing on the technical aspects of mobile information security.
Originality/value
The developed scale contributes to the literature on the human aspects of mobile information security.
Details
Keywords
Mark A. Harris and Karen P. Patten
This paper's purpose is to identify and accentuate the dilemma faced by small- to medium-sized enterprises (SMEs) who use mobile devices as part of their mobility business…
Abstract
Purpose
This paper's purpose is to identify and accentuate the dilemma faced by small- to medium-sized enterprises (SMEs) who use mobile devices as part of their mobility business strategy. While large enterprises have the resources to implement emerging security recommendations for mobile devices, such as smartphones and tablets, SMEs often lack the IT resources and capabilities needed. The SME mobile device business dilemma is to invest in more expensive maximum security technologies, invest in less expensive minimum security technologies with increased risk, or postpone the business mobility strategy in order to protect enterprise and customer data and information. This paper investigates mobile device security and the implications of security recommendations for SMEs.
Design/methodology/approach
This conceptual paper reviews mobile device security research, identifies increased security risks, and recommends security practices for SMEs.
Findings
This paper identifies emerging mobile device security risks and provides a set of minimum mobile device security recommendations practical for SMEs. However, SMEs would still have increased security risks versus large enterprises who can implement maximum mobile device security recommendations. SMEs are faced with a dilemma: embrace the mobility business strategy and adopt and invest in the necessary security technology, implement minimum precautions with increased risk, or give up their mobility business strategy.
Practical implications
This paper develops a practical list of minimum mobile device security recommendations for SMEs. It also increases the awareness of potential security risks for SMEs from mobile devices.
Originality/value
This paper expands previous research investigating SME adoption of computers, broadband internet-based services, and Wi-Fi by adding mobile devices. It describes the SME competitive advantages from adopting mobile devices for enterprise business mobility, while accentuating the increased business risks and implications for SMEs.
Details
Keywords
Anthony Duke Giwah, Ling Wang, Yair Levy and Inkyoung Hur
The purpose of this paper is to investigate the information security behavior of mobile device users in the context of data breach. Much of the previous research done in user…
Abstract
Purpose
The purpose of this paper is to investigate the information security behavior of mobile device users in the context of data breach. Much of the previous research done in user information security behavior have been in broad contexts, therefore creating needs of research that focuses on specific emerging technologies and trends such as mobile technology.
Design/methodology/approach
This study was an empirical study that gathered survey data from 390 mobile users. Delphi study and pilot study were conducted prior to the main survey study. Partial Least Square Structural Equation Modeling was used to analyze the survey data after conducting pre-analysis data screening.
Findings
This study shows that information security training programs must be designed by practitioners to target the mobile self-efficacy (MSE) of device users. It also reveals that practitioners must design mobile device management systems along with processes and procedures that guides users to take practical steps at protecting their devices. This study shows the high impact of MSE on users’ protection motivation (PM) to protect their mobile devices. Additionally, this study reveals that the PM of users influences their usage of mobile device security.
Originality/value
This study makes theoretical contributions to the existing information security literature. It confirms PM theory’s power to predict user behavior within the context of mobile device security usage. Additionally, this study investigates mobile users’ actual security usage. Thus, it goes beyond users’ intention.
Details
Keywords
Ramaraj Palanisamy and Yang Wu
This study/ paper aims to empirically examine the user attitude on perceived security of enterprise systems (ES) mobility. Organizations are adopting mobile technologies for…
Abstract
Purpose
This study/ paper aims to empirically examine the user attitude on perceived security of enterprise systems (ES) mobility. Organizations are adopting mobile technologies for various business applications including ES to increase the flexibility and to gain sustainable competitive advantage. At the same time, end-users are exposed to security issues when using mobile technologies. The ES have seen breaches and malicious intrusions thereby more sophisticated recreational and commercial cybercrimes have been witnessed. ES have seen data breaches and malicious intrusions leading to more sophisticated cybercrimes. Considering the significance of security in ES mobility, the research questions in this study are: What are the security issues of ES mobility? What are the influences of users’ attitude towards those security issues? What is the impact of users’ attitude towards security issues on perceived security of ES mobility?
Design/methodology/approach
These questions are addressed by empirically testing a security model of mobile ES by collecting data from users of ES mobile systems. Hypotheses were evolved and tested by data collected through a survey questionnaire. The questionnaire survey was administered to 331 users from Chinese small and medium-sized enterprises (SME). The data was statistically analysed by tools such as correlation, factor analysis, regression and the study built a structural equation model (SEM) to examine the interactions between the variables.
Findings
The study results have identified the following security issues: users’ attitude towards mobile device security issues; users’ attitude towards wireless network security issues; users’ attitude towards cloud computing security issues; users’ attitude towards application-level security issues; users’ attitude towards data (access) level security issues; and users’ attitude towards enterprise-level security issues.
Research limitations/implications
The study results are based on a sample of users from Chinese SMEs. The findings may lack generalizability. Therefore, researchers are encouraged to examine the model in a different context. The issues requiring further investigation are the role of gender and type of device on perceived security of ES mobile systems.
Practical implications
The results show that the key security issues are related to a mobile device, wireless network, cloud computing, applications, data and enterprise. By understanding these issues and the best practices, organizations can maintain a high level of security of their mobile ES.
Social implications
Apart from understanding the best practices and the key issues, the authors suggest management and end-users to work collaboratively to achieve a high level of security of the mobile ES.
Originality/value
This is an empirical study conducted from the users’ perspective for validating the set of research hypotheses related to key security issues on the perceived security of mobile ES.
Details
Keywords
The purpose of this paper is to reveal factors that impact information governance within the mobile technology implementation in organizations in the dual‐use context.
Abstract
Purpose
The purpose of this paper is to reveal factors that impact information governance within the mobile technology implementation in organizations in the dual‐use context.
Design/methodology/approach
Case study methodology was used and 15 semi‐structured interviews were conducted with records and information management (RIM) and information security professionals from different types of organizations.
Findings
There are three main findings. First, stakeholder support is critical to drive the change and leverage organizational security culture. Second, records mobility with data security dimension represents the biggest challenge for RIM stakeholders. Third, mobile strategy and security framework are two must‐win areas for a successful mobile implementation.
Research limitations/implications
The paper does not include any end‐user perspective in interviews and this end‐user context is missing.
Practical implications
Awareness through education and training of employees needs to be given very particular attention in the future mobile implementations. Moreover, management and employee support is the critical component of the effective information security governance framework implementation. Finally, mobile strategy needs undergo a very precise and detailed planning process to ensure the right technology acceptance by users.
Originality/value
The paper closes an existing research gap and provides useful insights to record management professionals and practitioners on factors that impact effective information governance implementation within the mobile dual‐use context.
Details
Keywords
As mobile malware and virus are rapidly increasing in frequency and sophistication, mobile social media has recently become a very popular attack vector. The purpose of this paper…
Abstract
Purpose
As mobile malware and virus are rapidly increasing in frequency and sophistication, mobile social media has recently become a very popular attack vector. The purpose of this paper is to survey the state-of-the-art of security aspect of mobile social media, identify recent trends, and provide recommendations for researchers and practitioners in this fast moving field.
Design/methodology/approach
This paper reviews disparate discussions in literature on security aspect of mobile social media though blog mining and an extensive literature search. Based on the detailed review, the author summarizes some key insights to help enterprises understand security risks associated with mobile social media.
Findings
Risks related to mobile social media are identified based on the results of the review. Best practices and useful tips are offered to help enterprises mitigate risks of mobile social media. This paper also provides insights and guidance for enterprises to mitigate the security risks of mobile social media.
Originality/value
The paper consolidates the fragmented discussion in literature and provides an in-depth review to help researchers understand the latest development of security risks associated with mobile social media.
Details
Keywords
Jing Fan, Mingxing Shao, Yafang Li and Xuemei Huang
The authors position security measures and payment culture as key determinants of perceived security (PS) and trust. The purpose of this paper is to empirically investigate how PS…
Abstract
Purpose
The authors position security measures and payment culture as key determinants of perceived security (PS) and trust. The purpose of this paper is to empirically investigate how PS and trust affect users’ attitude toward mobile payment use and why mobile payment has developed differently in the USA and in China.
Design/methodology/approach
Empirical data were collected from a survey conducted both in China and in the USA. The whole sample consists of 186 Chinese and 196 Americans. Partial least squares analysis was conducted to test the proposed relationships and multigroup comparison analysis was performed to examine the differences in the coefficients of those relationships between Chinese and the US model.
Findings
The findings show that payment culture (measured by coverage of mobile payment context (CMPC) and uncertainty avoidance (UA)) and security measures (measured by security technology protection (STP), security rules and policies (SRP), and security responsibility commitment (SRC)) have significantly positive impacts on the PS and trust, except that the positive impact of security on trust is not supported. The impacts of CMPC and PS on trust in the USA are significantly smaller than those in China, whereas the impacts of security measures and UA on PS and trust do not show significant differences between the two countries.
Research limitations/implications
Respondents of this study are selected from young educated population, the major users of mobile payment in 2015. However, recently with the increasing penetration of mobile payment, major mobile payment users are not only limited to young educated population, and thus there may be new findings after extending the range of respondents’ age. Since the research subjects in this study are the mobile payment of China and the USA, the authors could also expect different findings when the research subjects are extended or changed to other countries because of different mobile payment cultures across countries.
Practical implications
Findings in this paper will help mobile payment service providers to know the determinants of their users’ behavior intention and to take measures to improve these determinants, and these findings can also provide mobile payment service providers with insights into the differences in mobile payment use between the two countries and suggestions of measures that they can take to increase users’ attitude toward mobile payment use. Furthermore, the findings of this paper also help these providers globalize efficiently by paying more attention to those antecedents.
Social implications
The findings in this paper show that there is no difference in the impacts of UA and security measures on PS and trust between China and the USA. However, the impacts of PS and CMPC on trust in China are significantly higher than those in the USA. This is because that globalization has made people from different countries hold similar UA, whereas the CMPC, a construct refers to the business environment of mobile payment, is still very different between China and the USA.
Originality/value
This study extends prior studies of attitude toward mobile payment use through proposing that security measures and payment culture are key determinants of PS and trust and examining the role of PS and trust on the attitude. Furthermore, the empirical findings will not only provide mobile payment service providers with important insights into the differences in mobile payment adoption between the two countries, but also help these providers globalize efficiently by paying more attention to those antecedents.
Details
Keywords
Hamid Reza Nikkhah, Varun Grover and Rajiv Sabherwal
This study aims to argue that user’s continued use behavior is contingent upon two perceptions (i.e. the app and the provider). This study examines the moderating effects of…
Abstract
Purpose
This study aims to argue that user’s continued use behavior is contingent upon two perceptions (i.e. the app and the provider). This study examines the moderating effects of user’s perceptions of apps and providers on the effects of security and privacy concerns and investigate whether assurance mechanisms decrease such concerns.
Design/methodology/approach
This study conducts a scenario-based survey with 694 mobile cloud computing (MCC) app users to understand their perceptions and behaviors.
Findings
This study finds that while perceived value of data transfer to the cloud moderates the effects of security and privacy concerns on continued use behavior, trust only moderates the effect of privacy concerns. This study also finds that perceived effectiveness of security and privacy intervention impacts privacy concerns but does not decrease security concerns.
Originality/value
Prior mobile app studies mainly focused on mobile apps and did not investigate the perceptions of app providers along with app features in the same study. Furthermore, International Organization for Standardization 27018 certification and privacy policy notification are the interventions that exhibit data assurance mechanisms. However, it is unknown whether these interventions are able to decrease users’ security and privacy concerns after using MCC apps.
Details
Keywords
The purpose of this paper is to rank the users’ attitude on major components of mobile cloud computing (MCC) security and investigate the degree of impact of these components on…
Abstract
Purpose
The purpose of this paper is to rank the users’ attitude on major components of mobile cloud computing (MCC) security and investigate the degree of impact of these components on MCC security as a whole.
Design/methodology/approach
Hypotheses were evolved and tested by data collected through an online survey-questionnaire. The survey was administered to 363 users from Chinese organizations. Statistical analysis was carried out and structural equation model was built to validate the interactions.
Findings
The eight components of MCC security in the order of importance are as follows: mobile device related, user identity related, deployment model related, application-level security issues, data related, virtualization related, network related and service delivery related. The empirical analysis validates that these security issues are having significant impact on perceived security of MCC.
Practical implications
Constant vigilance on these eight issues and improving the level of user awareness on these issues enhance the overall security.
Social implications
These issues can be used for designing and developing secured MCC system.
Originality/value
While several previous research has studied various security factors in the MCC security domain, a consolidated understanding on the different components of MCC security is missing. This empirical research has identified and ranked the major components of MCC security. The degree of impact of each of these components on overall MCC security is identified. This provides a different perspective for managing MCC security by explaining what components are most important.
Details