Comparing intention to avoid malware across contexts in a BYOD-enabled Australian university: A Protection Motivation Theory approach

“…Since 2011, the number of mobile malware families have increased 58 per cent [11] and malware samples increased more than 10 times between July 2012 and January 2014 [22]. This suggest that malware is still the most dangerous and persistent threat to corporate information.…”

“…Also, since this threat spreads with ease in unacknowledged employee collaboration environments, social networks and cloud services become the perfect "bait" to catch naive users [15]. Thus, very little readiness to timely investigate and respond to security incidents is revealed since majority of organisations with poor security awareness fully entrust BYOD protection strategies to the employee's security common sense [11].…”

“…Since the inception of BYOD in the enterprise and employee's access to more sophisticated and convenient technology [3], it is easier than ever for an outsider to steal information or obtain financial gain [22]. Actually, because of the lack of security awareness, outsiders have an advantage point to access corporate information by turning employees' normal leisure activities into attack vectors [11], making it difficult to investigate illegal actions. Thus, downloading mobile applications or sharing content on social networks may be backdoors for disclosing or contaminating sensitive corporate information through a range of different external threats, the contexts of which are explained as follows.…”

“…This suggest that malware is still the most dangerous and persistent threat to corporate information. In the BYOD context, existent security vulnerabilities in employees' mobile devices [13] are exploited by malware to steal confidential information [11], sabotage networks or deviate financial transactions [23]. Moreover, since the BYOD inception, IT departments have lost control on mobile devices, which means that accidental malware infections may be undetected [14], and therefore very difficult to investigate.…”

“…As people are still the weakest security link inside organisations [15], attackers send spam on emails and social networks to spread malware [11][12] [15], taking advantage of human emotions [10]. Hence, naive users who check emails and use social networks during leisure breaks, increase infection opportunities to the corporate network [14] because the activities performed in their personal mobile devices are harder to monitor and control [12], making it difficult to acquire first-hand evidence.…”

Bring Your Own Disclosure: Analysing BYOD Threats to Corporate Information

“…Since 2011, the number of mobile malware families have increased 58 per cent [11] and malware samples increased more than 10 times between July 2012 and January 2014 [22]. This suggest that malware is still the most dangerous and persistent threat to corporate information.…”

“…Also, since this threat spreads with ease in unacknowledged employee collaboration environments, social networks and cloud services become the perfect "bait" to catch naive users [15]. Thus, very little readiness to timely investigate and respond to security incidents is revealed since majority of organisations with poor security awareness fully entrust BYOD protection strategies to the employee's security common sense [11].…”

“…Since the inception of BYOD in the enterprise and employee's access to more sophisticated and convenient technology [3], it is easier than ever for an outsider to steal information or obtain financial gain [22]. Actually, because of the lack of security awareness, outsiders have an advantage point to access corporate information by turning employees' normal leisure activities into attack vectors [11], making it difficult to investigate illegal actions. Thus, downloading mobile applications or sharing content on social networks may be backdoors for disclosing or contaminating sensitive corporate information through a range of different external threats, the contexts of which are explained as follows.…”

“…This suggest that malware is still the most dangerous and persistent threat to corporate information. In the BYOD context, existent security vulnerabilities in employees' mobile devices [13] are exploited by malware to steal confidential information [11], sabotage networks or deviate financial transactions [23]. Moreover, since the BYOD inception, IT departments have lost control on mobile devices, which means that accidental malware infections may be undetected [14], and therefore very difficult to investigate.…”

“…As people are still the weakest security link inside organisations [15], attackers send spam on emails and social networks to spread malware [11][12] [15], taking advantage of human emotions [10]. Hence, naive users who check emails and use social networks during leisure breaks, increase infection opportunities to the corporate network [14] because the activities performed in their personal mobile devices are harder to monitor and control [12], making it difficult to acquire first-hand evidence.…”

Bring Your Own Disclosure: Analysing BYOD Threats to Corporate Information

Shedding Light on Shadow IT: Definition, Related Concepts, and Consequences

Health Belief Model and Organizational Employee Computer Abuse