Business priorities driving BYOD and the resulting consequences: a South African case study

Master Thesis

2016

Permanent link to this Item
Authors
Supervisors
Journal Title
Link to Journal
Journal ISSN
Volume Title
Publisher
Publisher

University of Cape Town

License
Series
Abstract
The consumerisation of information technology (IT) introduced the bring your own device (BYOD) phenomenon into the enterprise environment. As mobile and Internet technologies improve employees are opting to use their personal devices to access organisational systems in order to perform their work tasks. Such devices include smart phones, tablets and laptop computers. BYOD provide s opportunities for both the organisation and employees, but the adoption of BYO D also introduces risks to the organisation. Mobility and management of BYOD and CYOD (choose your own device) has consistently been a top concern for business management and Chief Information Officers (CIO's) globally. In the current, challenging economic environment organisations need to use all their resources, including technology, effectively. Organisations that develop an effective BYOD program can use this to assist in achieving their organisational objectives. This study uses a case study approach to investigate how business priorities drive the adoption of BYOD and how BYOD benefits and risks are realised by the organisation. Primary empirical data was collected using semi-structured interviews with employees from a large financial services organisation. Policy documents from the organisation was analysed as secondary data. Thematic analysis of the data revealed six major themes: improving employee mobility; improving client service and experience; creating a competitive industry advantage; improving business processes; information security risks; and management best practises. The themes were combined into a conceptual model, showing the decision process in adopting a BYOD program. This research contributes to the body of knowledge in this area, focusing on the South African context. The conceptual model can serve as an example for organisations currently making BYOD adoption decisions or organisations that are not achieving the full benefits of their BYOD program. The conceptual model reveals that organisations can use BYOD to achieve benefits including having a mobile workforce which results in an increase in productivity. However, mobility introduces risk to the organisation where information security risks is the top concern. This study recommends using a combination of technical and human controls to manage the risks. The technical controls include the use of an enterprise mobility management system and password controls. The human controls include the creation of effective BYOD and information security policies that the employees understand and follow. Providing employees with information security awareness and training is essential.
Description

Reference:

Collections