BYOD Security Policy Model: A Systematic Literature Review

Abstract

In education sector, Bring Your Own Device (BYOD) Security Policy (BYOD-SP) was established as earlier in 2015 in foreign universities with the purpose to safeguard campus’s network, system and confidential data and information. BYOD-SP is one of the strategic planning launched, aims to achieve maximum security for personally owned device through BYOD phenomenon. BYOD-SP acts as an official documentation that describes the detailed explanation of each component for the BYOD users to abide to all the components’ requirement in BYOD-SP. In BYOD practice in education field, BYOD-SP must meet the education agenda where BYOD-SP need to be tailored following education strategic plans and eliminate potential attacks that might cause the universities in loss if BYOD-SP is launched without having a robust model to refer of its components. Hence, it is crucial as this will welcome unauthorized parties to get access, gain and steal campus corporate data in BYOD environment. This study aims to identify what the necessary components that could assist top management and policy makers to formulate the comprehensive BYOD-SP in future and BYOD can be one of mobile computing that being accepted to be practiced in secured environment. Existing studies were executed in many research designs, where the review fulfilled the Preferred Reporting Items for Systematic reviews and MetaAnalyses (PRISMA) publishing standard. Two common online databases, World of Science (WOS) and Scopus were utilized to observe articles for this study purposes where a total of 16 articles published from 2013-2022 were reviewed to answer the formulated research questions on BYOD-SP. This review includes a topic based on the thematic analysis which is the components in drafting BYOD-SP documentation. The findings from this study proved four main components to be emphasized in tailoring BYOD-SP which are Device, Process, People and Jurisdiction/Law. The research’s findings here may drive the organization to have a reference model of BYOD-SP components and come out with the sturdy BYOD-SP to be adhered by all individuals in education premises. The top management in the organization need to involve in the procedures in each component of BYOD-SP to alleviate the case of security breach in BYOD activities.