Advertisement

BYOD Security and Risk Challenges in Oman Organisations

  • Khoula Al HarthyEmail author
  • Nazaraf ShahEmail author
Conference paper
Part of the Lecture Notes on Data Engineering and Communications Technologies book series (LNDECT, volume 41)

Abstract

Bring Your Own Device (BYOD) is an environment where the end users use their own devices to complete their organization’s tasks. However, with the growth of a number of mobile devices, especially with rise of IoT based solutions, the BYOD environment has become even more challenging from security and privacy perspective. Hence, the extant information security management approaches and procedures need to be revised to be able to deal with the new risks presented by BYOD. This paper aims to study the current BYOD security frameworks and procedures being adopted by Omani organisations in order to identify the security gaps and effectiveness of the security measures being employed. Moreover, this, paper follows a primary data collection methods in order to understand the challenges from both users and professional perspectives. The both surveys of users and professionals aim to assess the current security frameworks and risk identification mechanisms used by the organization in Oman. This survey will also help to understand the level of BOYD user’s awareness. This attempt will help to identify potential threats in BYOD environment.

Keywords

BYOD Security Risk management Data mining 

References

  1. 1.
    Jones, J.: Beginner’s Guide to BYOD (Bring Your Own Device) (2012). Accessed 9 Feb 2014Google Scholar
  2. 2.
    Brooks, T.: Classic enterprise IT: the castle approach. Netw. Secur. 2013(6), 14–16 (2013)CrossRefGoogle Scholar
  3. 3.
    Eslahi, M., Salleh, R., Anuar, N.B.: Bots and botnets: an overview of characteristics, detection and challenges. In: 2012 IEEE International Conference on Control System, Computing and Engineering. IEEE (2012)Google Scholar
  4. 4.
    Ghosh, A., Gajar, P.K., Rai, S.: Bring your own device (BYOD): security risks and mitigating strategies. J. Glob. Res. Comput. Sci. 4(4), 62–70 (2013)Google Scholar
  5. 5.
    Ismail, K.A., Singh, M.M., Mustaffa, N., Keikhosrokiani, P., Zulkefli, Z.: Security strategies for hindering watering hole cyber crime attack. Procedia Comput. Sci. 124, 656–663 (2017)CrossRefGoogle Scholar
  6. 6.
    Assing, D., Calé, S.: Mobile Access Safety: Beyond BYOD. Wiley, Hoboken (2013)CrossRefGoogle Scholar
  7. 7.
    Lounsbury, J.: Application security: from web to mobile. Different vectors and new attacks. Secur. Knowl. 2–30 (2013)Google Scholar
  8. 8.
    Howard, F.: Modern web attacks. Netw. Secur. 2008(4), 13–15 (2008)CrossRefGoogle Scholar
  9. 9.
    Atallah, E., Chaumette, S.: A smart card based distributed identity management infrastructure for mobile ad hoc networks. In: IFIP International Workshop on Information Security Theory and Practices, pp. 1–13. Springer, Heidelberg (2007)Google Scholar
  10. 10.
    Conti, M., Giordano, S.: Mobile ad hoc networking: milestones, challenges, and new research directions. IEEE Commun. Mag. 52(1), 85–96 (2014)CrossRefGoogle Scholar
  11. 11.
    Roberts, L.G., Wessler, B.D.: Computer network development to achieve resource sharing. In: Proceedings of the Spring Joint Computer Conference, 5–7 May 1970. ACM (1970)Google Scholar
  12. 12.
    Andrea, I., Chrysostomou, C., Hadjichristofi, G.: Internet of things: security vulnerabilities and challenges. In: 2015 IEEE Symposium on Computers and Communication (ISCC), pp. 180–187. IEEE, July 2015Google Scholar
  13. 13.
    Eslahi, M., Naseri, M.V., Hashim, H., Tahir, N., Saad, E.H.M.: BYOD: current state and security challenges. In: 2014 IEEE Symposium on Computer Applications and Industrial Electronics (ISCAIE). IEEE (2014)Google Scholar
  14. 14.
    Siboni, S., Shabtai, A., Elovici, Y.: An attack scenario and mitigation mechanism for enterprise BYOD environments. ACM SIGAPP Appl. Comput. Rev. 18(2), 5–21 (2018)CrossRefGoogle Scholar
  15. 15.
    Downer, K., Bhattacharya, M.: BYOD security: a new business challenge. In: 2015 IEEE International Conference on Smart City/SocialCom/SustainCom (SmartCity). IEEE (2015)Google Scholar
  16. 16.
    Sitnikova, E., Asgarkhani, M.: A strategic framework for managing internet security. In: 2014 11th International Conference on Fuzzy Systems and Knowledge Discovery (FSKD). IEEE (2014)Google Scholar
  17. 17.
    Boehmer, W.: Cost-benefit trade-off analysis of an ISMS based on ISO 27001. In: 2009 International Conference on Availability, Reliability and Security. IEEE (2009)Google Scholar
  18. 18.
    Huang, Z., Zavarsky, P., Ruhl, R.: An efficient framework for IT controls of bill 198 (Canada Sarbanes-Oxley) compliance by aligning COBIT 4.1, ITIL v3 and ISO/IEC 27002. In: 2009 International Conference on Computational Science and Engineering. IEEE (2009)Google Scholar
  19. 19.
    Waters, E.K., Sigh, J., Friedrich, U., Hilden, I., Sørensen, B.B.: Concizumab, an anti-tissue factor pathway inhibitor antibody, induces increased thrombin generation in plasma from haemophilia patients and healthy subjects measured by the thrombin generation assay. Haemophilia 23(5), 769–776 (2017)CrossRefGoogle Scholar
  20. 20.
    Watson, B., Zheng, J.: On the user awareness of mobile security recommendations. In: Proceedings of the SouthEast Conference, pp. 120–127. ACM, April 2017Google Scholar
  21. 21.
    Krombholz, K., Hobel, H., Huber, M., Weippl, E.: Social engineering attacks on the knowledge worker. In: Proceedings of the 6th International Conference on Security of Information and Networks. ACM (2013)Google Scholar
  22. 22.
    Spoorthi, V., Sekaran, K.C.: Mobile single sign-on solution for enterprise cloud applications. In: 2014 First International Conference on Networks & Soft Computing (ICNSC). IEEE (2014)Google Scholar
  23. 23.
    Romer, H.: Best practices for BYOD security. Comput. Fraud Secur. 2014(1), 13–15 (2014)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Middle East CollegeMuscatOman
  2. 2.Coventry UniversityCoventryUK

Personalised recommendations