Often, organizations allow employees the use of their personally owned devices to access corporate data. This phenomenon is identified as Bring Your Own Device (BYOD), and organizations are adopting it without taking into consideration the inherent security risks introduced via BYODs. There are several approaches that organizations can consider for BYOD security. This paper addresses research questions related to the protection of BYOD environments. In general, how can organizations protect against the inherent risks posed by BYODs? What are existing modalities to do so? With this in mind, this research reviews existing BYOD security approaches, such as frameworks, checklists, best practices, and quantitative models, and performs a comparative analysis among such modalities. Based on our research, this comparative study shows that a quantitative model, BYOD-Insure, meets the requirements for security assessment of BYOD environments. The model provides a level of detail, granularity and specificity that existing modalities do not.
Ratchford, Melva M.; Wang, Yong; Noteboom, Cherie Bakker; and El-Gayar, Omar, "BYOD-Insure vs Existing Modalities for BYOD Security Assessment: A Comparison Study" (2020). AMCIS 2020 Proceedings. 12. https://aisel.aisnet.org/amcis2020/info_security_privacy/info_security_privacy/12