Mark A. Harris

Mobile device security considerations for small- and medium-sized enterprise business mobility

Purpose – This papers purpose is to identify and accentuate the dilemma faced by small- to medium-sized enterprises (SMEs) who use mobile devices as part of their mobility business strategy. While large enterprises have the resources to implement emerging security recommendations for mobile devices, such as smartphones and tablets, SMEs often lack the IT resources and capabilities needed. The SME mobile device business dilemma is to invest in more expensive maximum security technologies, invest in less expensive minimum security technologies with increased risk, or postpone the business mobility strategy in order to protect enterprise and customer data and information. This paper investigates mobile device security and the implications of security recommendations for SMEs. Design/methodology/approach – This conceptual paper reviews mobile device security research, identifies increased security risks, and recommends security practices for SMEs. Findings – This paper identifies emerging mobile device secur...

Comparing the Mobile Device Security Behavior of College Students and Information Technology Professionals

Mobile devices are now a standard part of both personal and workplace information technology (IT) usage. However, they introduce a variety of security concerns that users are failing to address. This article examines and compares the security preparedness of 227 IT and non-IT college students about to enter the workforce and 83 predominately non-security-focused IT professionals. Results indicate that all groups put their data and connected networks at risk by failing to properly secure their personal mobile devices. Suggestions include organizational mobile device security policies and mobile device security awareness and training for both current and incoming employees.

Consumer trust in Google’s top developers’ apps: an exploratory study

Purpose This paper aims to investigate Google’s top developers’ apps with trust badges to see if they warrant an additional level of trust and confidence from consumers, as stated by Google. Design/methodology/approach Risky app permissions and in-app purchases (IAP) from Google’s top developers and traditional developers were investigated in several Google Play top app categories, including Editor’s Choice apps. Analysis was performed between categories and developer types. Findings Overall, Google’s top developers’ apps request more risky permissions and IAP than do traditional developers. Other results indicate that free apps are more dangerous than paid apps and star ratings do not signify safe apps. Research limitations/implications Because of a limited number of Google’s top developers and Editor’s Choice apps, conclusions are drawn from a small sample of apps and not the entire market. Practical implications Google’s top developers’ apps are suited well for increasing revenue for Google and developers at the consumer’s expense. Consumers should be wary of top developer trust badges. Social implications As the lure for “top free” and “top developer” software is strong among consumers, this research contributes to societal welfare in that it makes consumers aware that Google top developer app trust badges and free apps are more dangerous than traditional developer and paid apps, as they request risky permissions at a much higher frequency. Therefore, consumers should be very careful when downloading apps that are advertised as “top free” or “top developer”. Originality/value Google’s top developers’ apps and Editors’ Choice apps have not been investigated from the perspective of permissions and IAP before.

A bidirectional perspective of trust and risk in determining factors that influence mobile app installation

Abstract The purpose of this research is to consider how trust in and perceived risk of a mobile marketplace impact a consumer before installing a mobile application. In particular, trust is considered from the perspective of institutionalized trust, where consumers faced with ignorance rely on institutionalized mechanisms for personal safety. A bidirectional research model is presented based on trust and perceived risk as antecedents to the intent to install a mobile application. Data is collected from a survey of 214 participants and is analyzed using structural equation modeling. Results suggest that institutional loyalty plays a significant role in consumers’ intent to install mobile apps. Trust and its antecedent, security, had strong significant positive relationships with the intention to install mobile apps, while risk and its antecedent, privacy, had weak and insignificant relationships. The bidirectional model’s relationship between trust and risk was also insignificant in both directions, further suggesting that perception of risk is an insignificant factor in the intent to install mobile apps.

Evaluating Student Learning in an IT Curriculum Using Bloom's -- Webb's Curriculum Taxonomy

The Accreditation Board for Engineering and Technology (ABET) requires any accredited undergraduate Information Technology (IT) program to develop a continuous improvement practice to evaluate and update the undergraduate IT curriculum as necessary. During the process to incorporate cybersecurity topics into the IT curriculum, the faculty at a southeastern public university developed an IT Security-related and Cybersecurity Curriculum Taxonomy to identify strategies to move security-related topics taught in the higher level courses to lower and intermediate courses. To do this, the faculty combined Blooms Taxonomys six levels of thinking with Webbs Depth of Knowledge Model to create Blooms -- Webbs Curriculum Taxonomy. The purpose of this paper is to describe the methodology used to create the taxonomy with the expectation that the same method could be used to evaluate any IT curriculum for a variety of reasons.