Academic journal article Journal of Information Systems Education

The Need to Address Mobile Device Security in the Higher Education IT Curriculum

Academic journal article Journal of Information Systems Education

The Need to Address Mobile Device Security in the Higher Education IT Curriculum

Article excerpt

1. INTRODUCTION

As of January 2013 in the United States, Android made up 52.69 percent of mobile device operating systems and Apple iOS accounted for 34.9 percent (Statcounter, 2013). Apple iOS had the lead only eighteen months earlier. Since the summer of 2011, Android has steadily taken over the market from iOS as the most popular mobile operating system with all other platforms, like Windows Mobile, Symbian, and BlackBerry, accounting for less than thirteen percent combined (Statcounter, 2013).

Mobile devices include smartphones and tablets, both of which have become very popular among consumers. In 2013, people will purchase 1.2 billion mobile devices, surpassing PC's as the most common method for accessing the Internet (Lookout, 2013). Many of these devices will not only be used for personal activities, but for work-related activities as well. Bring Your Own Device (BYOD) has become very popular and leads to many security concerns for information technology (IT) security professionals. The SANS Institute recently reported 61 percent of respondent's organizations allowed BYOD access to resources (SANS, 2012). That percentage is expected to rise as the number of devices increases, the functionality of the devices becomes that of a PC, and work becomes mixed with play beyond the traditional 9-5 Monday through Friday work week. "For many organizations today, the BYOD issue is less a matter of 'No, we can't do it' and more a question of 'how do we do it' (Thomson, 2012)?"

Mobile devices, including BYOD and corporate issued devices, all pose new problems for IT professionals who do not quite know how to handle the problem yet. A recent study of IT security professionals revealed 68 percent of them have no way of identifying known mobile device vulnerabilities on their networks (Tenable-Security, 2012). "Nearly all survey respondents said mobile devices present a security threat to their business, yet 67 percent said they either have no controls in place for mobile device usage on their network or employees simply ignore existing mobile device usage policies (Tenable-Security, 2012)." A primary reason this technology is causing so many concerns is that it is new and rapidly evolving.

Employees do not understand the threats to mobile devices as they do their desktop PCs. IT security professionals do not fully understand the implications this technology has on the company and the steps needed to protect corporate assets. One solution is education. Everyone needs to be educated on mobile device security and the best place to start is with college students, especially those in information technology programs. Those already in the workplace will have to play catch up, but a good start is to educate those entering the workforce.

This paper reviews mobile device security concerns and develops recommendations for education that are in line with Accreditation Board for Engineering and Technology (ABET) accreditation standards. An example is given of how those recommendations are being adapted at a university currently applying for ABET accreditation. The following sections provides a literature review of the business needs for information security and mobile device security (MDS), the emerging mobile device technical issues, and the evolution of the IT curriculum including the need for information assurance security (IAS) and MDS within the IT curriculum. This paper then suggests mobile device security education recommendations, which are mapped to the Model IT Curriculum as an approach for integrating the MDS into any undergraduate IT program.

2. BUSINESS NEED FOR MOBILE DEVICE SECURITY

Information security issues within enterprises are becoming more complex daily. However, with increased global business demands, enterprises are finding new areas of security concerns. Annually, since 1980, the Society for Information management (SIM), together with leading academic researchers, surveys IT executives about their management concerns as well as application and technology investments and organizational considerations. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.