Risk assessment of BYOD: Bring your own device

Tanimoto, Shigeaki; Yamada, Susumu; Iwashita, Motoi; Kobayashi, Takao; Satō, Hiroyuki; Kanai, Atsushi

doi:10.1109/gcce.2016.7800494

Cited by 11 publications

(10 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Privacy in this context is defined as the behaviour of the organisation to protect their information assets and their customer personally identifiable information. As also observed in other research (Tanimoto et al, 2016) advantages such as employee satisfaction and heightened employee productivity are key advantages of adopting BYOD. This paper recognizes the risk in lowering the control of an organisation by giving the employees the responsibility to protect the organisations.…”

Section: Mfa Bring Your Own Device (Byod)supporting

confidence: 70%

“…Tanimoto (2016) proposes a risk assessment strategy which reviews operations and systems and then applies the appropriate risk strategy; transference, avoidance, mitigation. The study concluded that information leakage was the biggest risk and that a mobile device management system was the strongest countermeasure (Tanimoto et al, 2016).…”

Section: Mfa Bring Your Own Device (Byod)mentioning

confidence: 99%

“…We propose that companies while security focus is absolutely warranted to ensure the confidentiality and privacy of its assets the user experience must not be forgotten with the rising trend of (BYOD). BYOD advantages as described by Tanimoto (2016) are increased productivity and opportunities for new business and services. He also discusses risks with BYOD adoptions such as information leakages; company's confidential data or an employee's personal information.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Hybrid Model for the Evaluation of End User Experience in a Bring Your Own Device Environment Using Multifactor Authentication

2020

Proceedings of the 17th International Conference on Applied Computing (AC2020)

View full text Add to dashboard Cite

There is a growing trend of Bring Your Own Device (BYOD) adoption in companies; the controls such as policies, companies attitude to risk, technological solutions that offer an additional layer of security help companies to protect themselves against risks such as data leakage or social engineering. We propose that companies focus is absolutely warranted to ensure the confidentiality and privacy of its assets but user experience must not be forgotten with this rising trend. In this paper we took an existing model Gupta (2018) used to measure user's intention to adopt BYOD and modified and utilised it to further investigate User Experience (UE) in relation to Multifactor Authentication (MFA) and BYOD. We implemented the model in a similar fashion as Gupta's study and created a number of hypothesis to evaluate the user's response and determine their experience to be positive, negative or neutral. The results indicated that there was not a correlation between perceived ease of use of MFA and perceived usefulness or user experience. While surprising this too was observed by Gupta and is an area further study is required. There were strong correlations observed however in positive perceived ease of use and personal innovativeness on users' positive attitude towards MFA which in turn could likely impact user experience.

show abstract

Section: Mfa Bring Your Own Device (Byod)supporting

confidence: 70%

Section: Mfa Bring Your Own Device (Byod)mentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Hybrid Model for the Evaluation of End User Experience in a Bring Your Own Device Environment Using Multifactor Authentication

2020

Proceedings of the 17th International Conference on Applied Computing (AC2020)

View full text Add to dashboard Cite

show abstract

“…In this paper, at first, we added new risk factors such as cost overrun of BYOD implementation from a more practical point of view to the results of the risk assessment in previous study [3]. Next, we evaluated the effectiveness of these risk assessment results by quantitative evaluation with risk values.…”

Section: Introductionmentioning

confidence: 99%

Risk Assessment Quantification for BYOD Based on Practical Viewpoints

Endo

Tanimoto

Iwashita

et al. 2022

International Journal of Service and Knowledge Management

Self Cite

View full text Add to dashboard Cite

In recent years, the companies which introduce Bring Your Own Device (BYOD) which utilizes a personal smart phone and tablet for business are increasing in number. However, there are risks, such as information leakage of business information, an employee's personal information, etc., for the private terminal utilization instead of business use. These risks were exhaustively identified in our previous study, but based on qualitative assessment results. In order to make risk countermeasures more realistic, further quantitative evaluation is needed. Therefore, in this paper, we have added new cost risk factors for BYOD from a practical viewpoint to the risk analysis results of previous study. Furthermore, based on the results, a quantitative evaluation was conducted to verify its effectiveness. For the evaluation, the risk factor values were estimated using a risk calculation formula used in the field of information security management systems (ISMS). Thus, the combined effect of the BYOD risk measures proposed in the previous study and the cost risk measures added in this study clarified that it was possible to reduce the risk by about 56%. The results of this quantitative risk assessment are expected to help make the future use of BYOD safer and secure for companies.

show abstract

“…However, these advances also have their downside. The probability of attacks on the smart grid has increased [2], [3], [9].These attacks also put at risk personal data that may be associated with these smart technologies, including the Internet Protocol (IP) addresses and smart meters used to reach individual consumers [10], [11], [12], [13], [14].…”

Section: Introduction (Heading 1)mentioning

confidence: 99%

Defense against cyber-attacks on the Hydro Power Plant connected in parallel with Energy System

Mladenov

Chobanov

Sarigiannidis

et al. 2020

2020 12th Electrical Engineering Faculty Conference (BulEF)

View full text Add to dashboard Cite

In today's modern energy sector, driven more and more towards decentralization, which includes many smaller energy producers rather than huge government projects, security against cyber-attacks is becoming more crucial for the energy grid. Since many small energy plants do not have the resources to finance very expensive existing cybersecurity systems, they often have no security system in place at all. Although with small energy producers, the risks of being under attack are not as devastating as in a huge power plants, they still pose a serious threat to the energy system and to the supply of electricity to whole regions. Moreover, in the era of technology, such cyber-attacks could be carried out simultaneously at many locations, thus risking the lack of electricity to larger areas. Since there was a clearly identified need for such an instrument, the SPEAR consortium, started to develop tailor made solution for different types of actors in the energy sector, to prevent such occurrences and help secure the energy system. One of the use cases, investigated in the project, is a real operating hydro power plant in the mountain area of Bulgaria called Leshnitsa, which will be one of the four sites to first test the functionality of the finished product. The plant had no previous cyber-security system in place and had already experienced one attack, where one of the computers in the plant was hacked and a ransom was demanded from the attackers to unlock it. Exactly events like this one are proof, that the energy sector has a need to protect the growing number of small independent actors in the energy system..

show abstract

Risk assessment of BYOD: Bring your own device

Cited by 11 publications

References 3 publications

A Hybrid Model for the Evaluation of End User Experience in a Bring Your Own Device Environment Using Multifactor Authentication

A Hybrid Model for the Evaluation of End User Experience in a Bring Your Own Device Environment Using Multifactor Authentication

Risk Assessment Quantification for BYOD Based on Practical Viewpoints

Defense against cyber-attacks on the Hydro Power Plant connected in parallel with Energy System

Contact Info

Product

Resources

About