Abstract
Bring Your Own Device (BYOD) is an environment in which end users use their own devices to complete their organization’s tasks. However, with the growth in the number of mobile devices, especially with the rise of IoT-based solutions, the BYOD environment has become even more challenging from a security and privacy perspective. Hence, the extant information security management approaches and procedures need to be revised to deal with the new risks presented by BYOD. This paper aims to study the current BYOD security frameworks and procedures being adopted by Omani organisations in order to identify the security gaps and the effectiveness of the security measures being employed. Moreover, this paper follows a primary data collection method in order to understand the challenges from both user and professional perspectives. Both surveys, of users and of professionals, aim to assess the current security frameworks and risk identification mechanisms used by the organizations in Oman. This survey will also help to understand the level of BYOD users’ awareness. This attempt will help to identify potential threats in the BYOD environment.
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Harthy, K.A., Shah, N. (2020). BYOD Security and Risk Challenges in Oman Organisations. In: Chao, KM., Jiang, L., Hussain, O., Ma, SP., Fei, X. (eds) Advances in E-Business Engineering for Ubiquitous Computing. ICEBE 2019. Lecture Notes on Data Engineering and Communications Technologies, vol 41. Springer, Cham. https://doi.org/10.1007/978-3-030-34986-8_21
DOI: https://doi.org/10.1007/978-3-030-34986-8_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-34985-1
Online ISBN: 978-3-030-34986-8
eBook Packages: Intelligent Technologies and Robotics (R0)