Abstract:
Bring your own device (BYOD) has become a trend in the present day due to the pandemic
situations as people are working from home. Most organizations allow employees the
freedom to bring their personal mobile devices to access corporate networks in Sri Lanka.
In addition, most private and government organizations are increasingly allowing their
employees the flexibility to utilize mobile devices for work-related activities. However, as
they do so, the risk of corporate data being exposed to threats increases. Hence, the study
considered developing a security framework for mitigating BYOD security challenges.
This research will produce a general framework, which any organization can customize to
implement an effective BYOD process to ensure the business goals are met with a
reasonable number of risks. This research only explores the BYOD security problems faced
by organizations in Sri Lanka.
The aim of this research was to find out security threats, challenges and attacks brought
about by BYOD adoption in organizations. The threats, challenges, attacks and security
practices were found out using a questionnaire that was sent to BYOD users of 100
randomly sampled organizations. Other existing frameworks were reviewed in order to
find out how they tackled threats and challenges associated with BYOD.
Based on the findings of the study, the developed security framework will help
organizations in Sri Lanka to mitigate against BYOD security threats. Furthermore, this
security framework will contribute towards the generation of new knowledge in the field
of information security as far as BYODs are concerned. The study recommends ongoing
training for employees as it relates to mitigation of security threats posed by mobile
devices.
"
