Security Issues Associated with Bring Your Own Device (BYOD): A Narrative Review

This study is a narrative review that aimed at exploring the benefits, risks, and policy controls of Bring Your Own Device (BYOD) for maximum and effective BYOD adoption. BYOD is a paradigm where employees use their personal devices such as Smartphones, tablets, laptops, etc., to access organizations’ enterprise resources such as email, file servers, and database contents and networks. Significant empirical evidence from literature revealed that 82% of organizations have a BYOD program, while 68% of organizations see a jump in productivity after switching to BYOD. Despite these important virtues, numerous investigations have shown that threats and attacks on organization data and resources: confidentiality, integrity, and availability are the greatest security concern in BYOD environment. In this study, the authors adopted a narrative review methodology. A search, using keywords, was conducted and fifty-five peer-reviewed journal papers within the last 5 years of this study were identified. These journals came from Pro Quest databases, ScienceDirect, Taylor and Francis, Crossref.com, Walden University collection of scholarly and peer-reviewed journals, and other related texts. Inclusion and exclusion criteria were applied, followed by a quality appraisal of the selected articles, before data were extracted. Results show that good BYOD policies, guidelines, and practices coupled with good controls and management may avert security breaches on employees' and organizations' devices and resources. Results also show that it is possible to use machine learning approaches to handle threats and attacks such as persistent threats, data leakage, and data theft, denial of service (DOS) attack, intrusion attack, and untrusted network in BYOD environment. Findings may positively impact and equip organizations and employees with proven information for successful security and risk management programs that may increase mutual trust and a healthy BYOD adoption environment.