資訊管理學報
陳志誠;林淑瓊;劉用貴;趙乃青;
頁: 76-102
日期: 2018/01
摘要: 企業導入員工攜帶自有行動設備(BYOD)上班已逐漸形成一個趨勢,但企業可能會擔心該實體設備遺失或內載資料被竊取所衍生出來的後續組織管理及資訊安全的嚴重問題。為使企業能對BYOD導入有明確的管理決策擬定之依據,探討企業BYOD導入需要掌握的關鍵管理因素即成為重要的研究課題。本研究從組織管理觀點思考BYOD導入之關鍵管理因素,先由防護技術及行動應用的相關文獻中整理出影響BYOD管理策略之四個準則構面及16個因子,再以修正式德爾菲法將專家意見轉為共識之研究條件,並結合層級分析法驗證影響BYOD管理策略之關鍵因素與因子。研究結果說明,經由關聯程度及相對權重分析出重要的管理準則構面,依序為行動資訊管理(MIM)、行動裝置管理(MDM)、企業風險管理(ERM)與行動應用程式管理(MAM),各準則構面的重要管理因子依序為資料防護、安全認證管理、公司資安政策、存取控制等。
關鍵字: 攜帶自有行動設備;BYOD;行動資訊管理;行動裝置管理;資料防護;
Abstract: Purpose-The concept of Bring Your Own Device (BYOD) has been gaining its popularity and forming a trend in modern business operation. Along with the trend, many issues arise regarding device management and data security. Businesses have concerns about that personal devices can be lost and the confidential information contained in them can be compromised, leading to serious consequence. Meeting the challenges brought forth by the inclusion of personal devices in the business operation, especially equipment mobilization and personal use, and addressing the issues of effective management of confidential information are the main purposes of this study. Design/methodology/approach- This study analyzes critical management factors affecting business BYOD adoption based on the concept of organization management. This study summarizes BYOD strategic guidelines and impacting factors by consulting available literature and protective techniques in practical use. The factors are grouped into four different management constructs and 16 factors. The study collects core research elements through interviews with experts and analyzes their opinions using Modified Delphi Method and Analytic Hierarchy Process. Findings-The result of this study shows the priorities of the enterprise BYOD implementation through the analysis of relevance degree and relative weight can be listed in the following order: MIM, MDM, ERM, and MAM. The most important factor in the MIM construct is data protection, in the MDM construct is security certificate management, in the ERM construct is company information security policy, and in the MAM construct is access control. Research limitations/implications- The results of this study can help enterprises establish their BYOD strategy and be useful for future academic research. Practical implications- According to the results, this study suggests that firms must strengthen enterprise internal information security policies, effective action to strengthen identity verification and access control to the equipment, and better application control through information security policy, practices of institutionalization and implementation of effective identity authentication. Originality/value- This study provides enterprises to know more about the problems of the implementing BYOD impact on organizational operation from the perspective of high management level. The critical management factors of implementing BYOD are also provided to establish a total solution of information security management for enterprises.
Keywords: Bring Your Own Device;BYOD;Mobile Information Management;Mobile Device Management;Data Protection;
瀏覽次數: 15709 下載次數: 1431
引用 導入Endnote
頁: 76-102
日期: 2018/01
摘要: 企業導入員工攜帶自有行動設備(BYOD)上班已逐漸形成一個趨勢,但企業可能會擔心該實體設備遺失或內載資料被竊取所衍生出來的後續組織管理及資訊安全的嚴重問題。為使企業能對BYOD導入有明確的管理決策擬定之依據,探討企業BYOD導入需要掌握的關鍵管理因素即成為重要的研究課題。本研究從組織管理觀點思考BYOD導入之關鍵管理因素,先由防護技術及行動應用的相關文獻中整理出影響BYOD管理策略之四個準則構面及16個因子,再以修正式德爾菲法將專家意見轉為共識之研究條件,並結合層級分析法驗證影響BYOD管理策略之關鍵因素與因子。研究結果說明,經由關聯程度及相對權重分析出重要的管理準則構面,依序為行動資訊管理(MIM)、行動裝置管理(MDM)、企業風險管理(ERM)與行動應用程式管理(MAM),各準則構面的重要管理因子依序為資料防護、安全認證管理、公司資安政策、存取控制等。
關鍵字: 攜帶自有行動設備;BYOD;行動資訊管理;行動裝置管理;資料防護;
Critical Management Factors for the Implementation of BYOD Based on the Perspective of Organizational Management Concerning Information Security
Abstract: Purpose-The concept of Bring Your Own Device (BYOD) has been gaining its popularity and forming a trend in modern business operation. Along with the trend, many issues arise regarding device management and data security. Businesses have concerns about that personal devices can be lost and the confidential information contained in them can be compromised, leading to serious consequence. Meeting the challenges brought forth by the inclusion of personal devices in the business operation, especially equipment mobilization and personal use, and addressing the issues of effective management of confidential information are the main purposes of this study. Design/methodology/approach- This study analyzes critical management factors affecting business BYOD adoption based on the concept of organization management. This study summarizes BYOD strategic guidelines and impacting factors by consulting available literature and protective techniques in practical use. The factors are grouped into four different management constructs and 16 factors. The study collects core research elements through interviews with experts and analyzes their opinions using Modified Delphi Method and Analytic Hierarchy Process. Findings-The result of this study shows the priorities of the enterprise BYOD implementation through the analysis of relevance degree and relative weight can be listed in the following order: MIM, MDM, ERM, and MAM. The most important factor in the MIM construct is data protection, in the MDM construct is security certificate management, in the ERM construct is company information security policy, and in the MAM construct is access control. Research limitations/implications- The results of this study can help enterprises establish their BYOD strategy and be useful for future academic research. Practical implications- According to the results, this study suggests that firms must strengthen enterprise internal information security policies, effective action to strengthen identity verification and access control to the equipment, and better application control through information security policy, practices of institutionalization and implementation of effective identity authentication. Originality/value- This study provides enterprises to know more about the problems of the implementing BYOD impact on organizational operation from the perspective of high management level. The critical management factors of implementing BYOD are also provided to establish a total solution of information security management for enterprises.
Keywords: Bring Your Own Device;BYOD;Mobile Information Management;Mobile Device Management;Data Protection;
瀏覽次數: 15709 下載次數: 1431
引用 導入Endnote