Skip to main content
SpringerLink
Log in

Personal Mobile devices at work: factors affecting the adoption of security mechanisms

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

This research examines the use of personal mobile devices at work and what factors affect people’s adoption of enhanced levels of security mechanisms for their devices. Mobile devices make the delineation between work and personal life less clear or even non-existent. Mobile devices, such as smartphones and tablets and in the foreseeable future together with smartwatches and smart glasses, will be inseparable to people, whether they be at work or outside. Alongside with their devices being brought into work environments, they will be used to carry out activities that are work related and very likely to host company-sensitive information within them. The mobile nature of the devices means they frequently operate in insecure environments, providing numerous opportunities for attackers to obtain critical information and use it for unwanted purposes. This can pose a dilemma for companies given that, on the one hand, they cannot stop their employees from using their personal devices for work-related activities and storing company-sensitive data and, on the other, attacks to steal data from devices are constantly growing in terms of sophistication, frequently, and effectiveness. In this research, we want to understand better the usage patterns of people bringing their devices to work and their predisposition to adopt secure mechanisms to protect the data found in their devices. We aim to find what factors impact the adoption of these mechanisms. The results indicate there are a number of factors that can predict their adoption, which are useful for designers of interfaces with security in mind and companies who would like to see their employees adopt more sophisticated and better methods to secure data located in these devices.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Similar content being viewed by others

References

  1. Ajzen I, Fishbein M (1980) Understanding attitudes and predicting social behavior. Prentice-Hall, Englewood Cliffs

    Google Scholar 

  2. Allam S, Flowerday SV, Flowerday E (2014) Smartphone information security awareness: a victim of operational pressures. Comput Sec 42:56–65. https://doi.org/10.1016/j.cose.2014.01.005

    Article  Google Scholar 

  3. Ben-Asher N, Sieger H, Ben-Oved A, Kirschnick N, Meyer J, Moller S (2011). On the need for different security methods on mobile phones. In Proc. of MobileHCI’2011, Stockholm, Sweden

  4. Benbasat I, Barki H (2007) Quo vadis, TAM? J Assoc Inf Syst 8(4):211–218

    Google Scholar 

  5. Biddle R, Chiasson S, van Oorschot PC (2012) Graphical passwords: learning from the first twelve years. ACM Comput Surv 44(4):1–41. https://doi.org/10.1145/2333112.2333114

    Article  MATH  Google Scholar 

  6. Chau PYK (1996) An empirical assessment of a modified technology acceptance model. J Manag Inf Syst 13(2):185–204

    Article  Google Scholar 

  7. Cheong S-N, Ling H-C, Teh P-L (2014) Secure encrypted steganography graphical password scheme for near field communication smartphone access control system. Expert Syst Appl 41(2014):3561–3568

    Article  Google Scholar 

  8. Chesney T (2006) An acceptance model for useful and fun information systems. Hum Technol 2(2):225–235. https://doi.org/10.17011/ht/urn.2006520

    Article  Google Scholar 

  9. Chiang H-Y, Chiasson S (2013). Improving user authentication on mobile devices: a touchscreen graphical password. In Proceeding of the 15th international conference on Human-computer interaction with mobile devices and services (MobileHCI’15), 27–30 August, Munich

  10. Chiasson S, Forget A, Biddle R, van Oorschot PC (2009) User Int Des Affects Sec: Patt Click-Based Graph Pass. Int J Inf Secur 8(6):387–398. https://doi.org/10.1007/s10207-009-0080-7

    Article  Google Scholar 

  11. Childers TL, Carr CL, Peck J, Carson S (2001) Hedonic and utilitarian motivations for online retail shopping behavior. J Retail 77(4):511–535. https://doi.org/10.1016/S0022-4359(01)00056-2

    Article  Google Scholar 

  12. Cisco (2015) BYOD Insights 2013. Online: http://www.ciscomcon.com/sw/swchannel/registration/internet/registration.cfm?SWAPPID=91&RegPageID=350200&SWTHEMEID=12949 [Accessed on March 2015]

  13. Davis FD (1989) Perceived usefulness, perceived ease of use, and user acceptance of information technology. MIS Q 13(3):319–340. https://doi.org/10.2307/249008

    Article  Google Scholar 

  14. Fishbein M, Ajzen I (1975) Belief, attitude, intention, and behavior: An introduction to theory and research. Addison-Wesley, Reading

    Google Scholar 

  15. Fleming C, Liang H-N, Man KL, An Y (2014) Mobistore: Secure Cloud-like Storage on Mobile Devices. The 17th IEEE International Conference on Computational Science and Engineering (CSE2014), Chengdu, pp 764–767

    Google Scholar 

  16. Fleming C, Peterson P, Kline E, Reiher P (2012) Data Tethers: Preventing information leakage by enforcing environmental data access policies. International Conference on Communications (ICC), Ottawa. https://doi.org/10.1177/1077801212474447

    Book  Google Scholar 

  17. Fornell CD, Larcker F (1981) Evaluating structural equation models with unobservable variables and measurement errors. J Mark Res 18(1):39–50

    Article  Google Scholar 

  18. Furnell S (2007) Making security usable: are things improving? Comput Sec 26(6):434–443. https://doi.org/10.1016/j.cose.2007.06.003

    Article  Google Scholar 

  19. Furnell S, Jusoh A, Katsabas D (2006) The challenges of understanding and using security: a survey of end-users. Comput Sec 25(1):27–35. https://doi.org/10.1016/j.cose.2005.12.004

    Article  Google Scholar 

  20. Ha I, Yoon Y, Choi M (2007) Determinants of adoption of mobile games under mobile broadband wireless access environment. Inf Manag 44(3):276–286. https://doi.org/10.1016/j.im.2007.01.001

    Article  Google Scholar 

  21. Kaasinen E, Mattila EM, Lammi H, Kivinen T, Välkkynen P (2011). Technology Acceptance Model for Mobile Services as a Design Framework. Human-Computer Interaction and Innovation in Handheld, Mobile and Wearable Technologies, 2011, 80–107. IGI Global

  22. Ketabdar H, Yuksel KA, JahanBekam AH, Roshandel M, Skripko D (2010) MagiSign: User Identification/Authentication based on 3D around Device Magnetic Signatures. The Fourth International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies, Italy, October 25–30, 2010

  23. Kwon T, Na S (2014) TinyLock: affordable defense against smudge attacks on smartphone pattern lock systems. Comput Sec 42:137–150. https://doi.org/10.1016/j.cose.2013.12.001

    Article  Google Scholar 

  24. La Polla M, Martinelli F, Sgandurra D (2013) A survey on security for mobile devices. IEEE Commun Surv Tutor 5(1):446–471

    Article  Google Scholar 

  25. Lee YH, Kozar KA, Larsen KRT (2003) The technology acceptance model: past, present and future. Commun Assoc Inf Syst 12:50

    Google Scholar 

  26. Legris P, Ingham J, Collerette P (2003) Why do people use information technology? A critical review of the technology acceptance model. Inf Manag 40:191–204. https://doi.org/10.1016/S0378-7206(01)00143-4

    Article  Google Scholar 

  27. Li YQ, Qi JY, Shu HY (2008) Review of relationships among variables in TAM. Tsinghua Sci Technol 13(3):273–278. https://doi.org/10.1016/S1007-0214(08)70044-0

    Article  Google Scholar 

  28. Liang H-N, Fleming C, Wang W (2014) Secured User Authentication Interfaces in Mobile Devices: Some Design Consideration. The 17th IEEE International Conference on Computational Science and Engineering (CSE2014), Chengdu, pp 754–757. https://doi.org/10.1109/3DV.2014.67

    Book  Google Scholar 

  29. Liu Y, Li H, Carlsson C (2010) Factors driving the adoption of m-learning: An empirical study. Comp Educ 55(2010):1211–1219 Elsevier

    Article  Google Scholar 

  30. Maniar N, Bennett E, Hand S, Allan G (2008) The effect of mobile phone screen size on video-based learning. J Softw 3(4):51–61

    Article  Google Scholar 

  31. Mylonas A, Kastania A, Gritzalis D (2013) Delegate the smartphone user? Security awareness in smartphone platforms. Comput Sec 34(2013):47–66

    Article  Google Scholar 

  32. Ponemon Institute (2012) 2013 state of the endpoint. Traverse City,Michigan: Ponemon Institute LLC

  33. PricewaterhouseCoopers (2012). UK Information Security Breaches Survey Results 2012. Online: http://www.pwc.co.uk/en_UK/uk/assets/pdf/olpapp/uk-information-security-breaches-survey-technical-report.pdf [Accessed: March 2015]

  34. Saadé RG, Galloway I (2005) Understanding the acceptance of multimedia applications for learning. Issues in Information Science and Information Technology 2:287–296

    Article  Google Scholar 

  35. Sadler K, Robertson T, Kan M, Hagen P (2006) Balancing work, life and other concerns: a study of mobile technology use by Australian freelancers. In Proceedings of NordiCHI 2006

  36. Shaw K (2004) Data on PDAs mostly unprotected, survey finds. World Wide Web electronic publication, 10.1002/0471250953.bi0107s05

  37. Siponen M (2000) A conceptual foundation for organizational information security awareness. Inform Manag Comput Sec 8(1):31–41. https://doi.org/10.1108/09685220010371394

    Article  Google Scholar 

  38. Stobert E, Forget A, Chiasson S, van Oorschot PC, Biddle R (2010) Exploring Usability Effects of Increasing Security in Click-based Graphical Passwords. Annual Computer Security Applications Conference (ACSAC), Austin

    Book  Google Scholar 

  39. Tao H, Adams C (2008) Pass-go: a proposal to improve the usability of graphical passwords. Int J Netw Sec 7(2):273–292

    Google Scholar 

  40. Theoharidou M, Mylonas A, Gritzalis D (2012) A risk assessment method for smartphones. In: 27th IFIP International Information Security and Privacy Conference (Crete, Grece). 428–440. Springer

  41. van der Heijden H (2004) User acceptance of hedonic information systems. MIS Q 28(4):695–702. https://doi.org/10.2307/25148660

    Article  Google Scholar 

  42. Venkatesh V, Morris MG, Davis GB, Davis FD (2003) User acceptance of information technology: toward a unified view. MIS Q 27:425–478. https://doi.org/10.2307/30036540

    Article  Google Scholar 

  43. Wang YS, Wu MC, Wang HY (2009) Investigating the determinants and age and gender differences in the acceptance of mobile learning. Br J Educ Technol 40(1):92–118. https://doi.org/10.1111/j.1467-8535.2007.00809.x

    Article  MathSciNet  Google Scholar 

  44. Yousafzai SY, Foxall GR, Pallister JG (2007) Technology acceptance: a meta-analysis of the TAM: part 1. J Model Manag 2(3):251–280

    Article  Google Scholar 

  45. Yu Z, Liang H-N, Fleming C, Man KL (2016a) An exploration of usable authentication mechanisms for virtual reality systems. In Proceedings the 2016 IEEE Asia Pacific Conference on Circuits and Systems (APCCAS’16), Jeju, 458–460

  46. Yu Z, Olade I, Liang H-N, Fleming C (2016b) Usable Authentication Mechanisms for Mobile Devices: An Exploration of 3D Graphical Passwords. IEEE PlatCon-16: 2016 International Conference on Platform Technology and Service, Jeju, 1–3

Download references

Acknowledgements

The authors would like to also thank the respondents who took the time to complete our survey. We would like to thank also the reviewers whose comments helped us improve the paper. The authors acknowledge funding from Xi’an Jiaotong-Liverpool University (XJTLU) Key Program Special Fund and XJTLU Research Development Fund that supported this project.

Author information

Authors and Affiliations

  1. AI University Research Centre (AI-URC) and Department of Computer Science and Software Engineering, Xi’an Jiaotong-Liverpool University, Suzhou, China

    Hai-Ning Liang & Ka Lok Man

  2. Department of Computer Science and Software Engineering, Xi’an Jiaotong-Liverpool University, Suzhou, China

    Charles Fleming

Authors
  1. Hai-Ning Liang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Charles Fleming
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ka Lok Man
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hai-Ning Liang.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Liang, HN., Fleming, C. & Man, K.L. Personal Mobile devices at work: factors affecting the adoption of security mechanisms. Multimed Tools Appl 79, 16113–16126 (2020). https://doi.org/10.1007/s11042-019-7349-2

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-019-7349-2

Keywords

Search

Navigation