Understanding Compliance with Bring Your Own Device Policies Utilizing Protection Motivation Theory: Bridging the Intention-Behavior Gap
Posted: 22 Feb 2016
Date Written: 2014
The purpose of this study is to examine the factors that determine whether employees follow Bring Your Own Device (BYOD) policies through the lens of the Protection Motivation Theory. BYOD is rapidly becoming the norm rather than the exception. As a result, firms are establishing BYOD policies to address the risk inherent in allowing individuals to use their own devices to access or store company data. This paper reports the results of a survey of accounting students, non-accounting students, and full-time employees. Results demonstrate that participants’ intentions to comply with a BYOD policy were primarily motivated by Self Efficacy and Response Efficacy. Further, Threat Severity was more salient for accountants than non-accountants, perhaps due to their sensitivity to confidential data. Finally, when actual compliance behavior was considered, costs to comply were much more salient to employees and could be strong deterrents to full compliance. These findings have important theoretical and practical implications.
Keywords: bring your own device, BYOD, policy compliance, compliance, protection motivation theory, intention-behavior gap
Suggested Citation: Suggested Citation