A bring your own device information security behavioural model
- Authors: Musarurwa, Alfred
- Date: 2017
- Subjects: Data protection Computer security -- Management Privacy, Right of
- Language: English
- Type: Thesis , Doctoral , PhD
- Identifier: http://hdl.handle.net/10353/8587 , vital:33166
- Description: The Bring Your Own Device (BYOD) phenomenon has become prevalent in the modern-day workplace, including the banking industry. Employees who own devices have become the unintended administrators of the organisation’s information as their mobile devices often carry information belonging to the organisation. The unintended administrator is not necessarily schooled or aware of the information security risks and challenges that are associated with the BYOD. This inadvertently shifts the management of organisational information security from the information technology (IT) administrator to the unintended administrator. This shift leaves the organisation at risk of information security breaches that can permeate the organisation, which result from the behaviour that the unintended administrator displays when operating the mobile device. This study introduces the BYOD Information Security Behavioural (BISB) model. The model constructs are a combination of individual and organisational traits of the unintended administrator. The purpose of this study is to mitigate the risks posed by the unintended administrator in organisations through the implementation this model. The risk that the unintended administrator poses in relation to the BYOD phenomenon results in chief information officers (CIOs) being unable to totally control these mobile devices. Traditional endpoint information security management tools and methods can no longer secure devices in the BYOD the way they can in the traditional network where they are confined to the organisation’s IT administrator. This results in the organisation’s information security becoming the responsibility of the unintended administrator. This study was conducted in the banking sector in Zimbabwe. It is noteworthy that the BYOD phenomenon has become prevalent in the banking sector among other organisational sectors like education, health or even government departments. Information security is also an important component of the banks as such and a choice was made to conduct the study in the banking industry. The design science research paradigm was followed in this study and included a survey of 270 bank employees in Zimbabwe, which received 170 complete responses. A literature review on both employee behaviour and organisational culture was conducted, followed by a case study of a commercial bank in Zimbabwe. The literature review culminated in traits that were then classified as individual traits and organisational traits. Six constructs –, knowledge, attitude, habit, environment, governance and training – were identified from the literature and combined to form the BYOD information security behavioural (BISB) model. Statistical calculations were conducted on the survey results which informed the reliability, validity and rigour of the model constructs. An expert review including industry experts was conducted to evaluate the BISB model. This study concludes by recommending that organisations in Zimbabwe should make use of the BISB model to mitigate the information security risks that are posed by the unintended administrator. While there are technical solutions for managing the information security risks that come with the BYOD, this study points out that without harnessing the individual and organisational traits that make up the BYOD information security behavioural model for the unintended administrator, technical solutions alone will not be effective.
- Full Text:
- Authors: Musarurwa, Alfred
- Date: 2017
- Subjects: Data protection Computer security -- Management Privacy, Right of
- Language: English
- Type: Thesis , Doctoral , PhD
- Identifier: http://hdl.handle.net/10353/8587 , vital:33166
- Description: The Bring Your Own Device (BYOD) phenomenon has become prevalent in the modern-day workplace, including the banking industry. Employees who own devices have become the unintended administrators of the organisation’s information as their mobile devices often carry information belonging to the organisation. The unintended administrator is not necessarily schooled or aware of the information security risks and challenges that are associated with the BYOD. This inadvertently shifts the management of organisational information security from the information technology (IT) administrator to the unintended administrator. This shift leaves the organisation at risk of information security breaches that can permeate the organisation, which result from the behaviour that the unintended administrator displays when operating the mobile device. This study introduces the BYOD Information Security Behavioural (BISB) model. The model constructs are a combination of individual and organisational traits of the unintended administrator. The purpose of this study is to mitigate the risks posed by the unintended administrator in organisations through the implementation this model. The risk that the unintended administrator poses in relation to the BYOD phenomenon results in chief information officers (CIOs) being unable to totally control these mobile devices. Traditional endpoint information security management tools and methods can no longer secure devices in the BYOD the way they can in the traditional network where they are confined to the organisation’s IT administrator. This results in the organisation’s information security becoming the responsibility of the unintended administrator. This study was conducted in the banking sector in Zimbabwe. It is noteworthy that the BYOD phenomenon has become prevalent in the banking sector among other organisational sectors like education, health or even government departments. Information security is also an important component of the banks as such and a choice was made to conduct the study in the banking industry. The design science research paradigm was followed in this study and included a survey of 270 bank employees in Zimbabwe, which received 170 complete responses. A literature review on both employee behaviour and organisational culture was conducted, followed by a case study of a commercial bank in Zimbabwe. The literature review culminated in traits that were then classified as individual traits and organisational traits. Six constructs –, knowledge, attitude, habit, environment, governance and training – were identified from the literature and combined to form the BYOD information security behavioural (BISB) model. Statistical calculations were conducted on the survey results which informed the reliability, validity and rigour of the model constructs. An expert review including industry experts was conducted to evaluate the BISB model. This study concludes by recommending that organisations in Zimbabwe should make use of the BISB model to mitigate the information security risks that are posed by the unintended administrator. While there are technical solutions for managing the information security risks that come with the BYOD, this study points out that without harnessing the individual and organisational traits that make up the BYOD information security behavioural model for the unintended administrator, technical solutions alone will not be effective.
- Full Text:
A privacy management framework for mobile personal electronic health records in South Africa
- Authors: Els, Floyd Nathaniel
- Date: 2017
- Subjects: Medical records -- Data processing Medical records -- Access control Electronic records -- Security measures
- Language: English
- Type: Thesis , Masters , MCom
- Identifier: http://hdl.handle.net/10353/12733 , vital:39316
- Description: South Africa’s health status is in constant dismay, especially while under the strain of the quadruple burden of disease. The adoption of personal electronic health records (PEHRs) can be seen as a means to improve this status by empowering patients to manage their health and lifestyle better. While from the healthcare provider’s perspective, PEHRs has the ability to reduce medical errors; provide better communication channels and enhance the monitoring of patients. Despite these benefits for both healthcare providers and patients, there are three distinct information security threats relating to PEHRs. These threats refer to the individual, data in transit, and at rest. South Africa is still considered to be inexperienced with PEHRs, and consider it a relatively new concept to the healthcare system. The National e-Health Strategy and Protection of Personal Information Bill were discussed and compared to international standards in order to ascertain South Africa’s current standing on mobile healthcare privacy. However, there are no specific privacy and security controls in place to protect patients that access personal electronic health records through mobile devices. Therefore, the aim of this study is the development of a privacy management framework (PMF) to mitigate these privacy concerns. Following an interpretivistic approach to research, qualitative data was analysed from literature, and the privacy framework evaluated through expert reviews. The proposed PMF consists of 3 tiers, beginning with the top tier. The first tier relates to an organisations interpretation and understanding of data privacy laws and regulations, and in ensuring compliance with these laws. The second tier refers to two support pillars to maintain the first tier. These pillars are based on elements of operational privacy, as well as auditing and reviewing. The third tier serves as the basic foundation upon which the PMF was developed. It is mainly focused with creating privacy awareness amongst healthcare providers and patients by creating: training regimes on security and privacy threats, efficient communication standards, and constant ongoing support from top level management.
- Full Text:
- Authors: Els, Floyd Nathaniel
- Date: 2017
- Subjects: Medical records -- Data processing Medical records -- Access control Electronic records -- Security measures
- Language: English
- Type: Thesis , Masters , MCom
- Identifier: http://hdl.handle.net/10353/12733 , vital:39316
- Description: South Africa’s health status is in constant dismay, especially while under the strain of the quadruple burden of disease. The adoption of personal electronic health records (PEHRs) can be seen as a means to improve this status by empowering patients to manage their health and lifestyle better. While from the healthcare provider’s perspective, PEHRs has the ability to reduce medical errors; provide better communication channels and enhance the monitoring of patients. Despite these benefits for both healthcare providers and patients, there are three distinct information security threats relating to PEHRs. These threats refer to the individual, data in transit, and at rest. South Africa is still considered to be inexperienced with PEHRs, and consider it a relatively new concept to the healthcare system. The National e-Health Strategy and Protection of Personal Information Bill were discussed and compared to international standards in order to ascertain South Africa’s current standing on mobile healthcare privacy. However, there are no specific privacy and security controls in place to protect patients that access personal electronic health records through mobile devices. Therefore, the aim of this study is the development of a privacy management framework (PMF) to mitigate these privacy concerns. Following an interpretivistic approach to research, qualitative data was analysed from literature, and the privacy framework evaluated through expert reviews. The proposed PMF consists of 3 tiers, beginning with the top tier. The first tier relates to an organisations interpretation and understanding of data privacy laws and regulations, and in ensuring compliance with these laws. The second tier refers to two support pillars to maintain the first tier. These pillars are based on elements of operational privacy, as well as auditing and reviewing. The third tier serves as the basic foundation upon which the PMF was developed. It is mainly focused with creating privacy awareness amongst healthcare providers and patients by creating: training regimes on security and privacy threats, efficient communication standards, and constant ongoing support from top level management.
- Full Text:
Critical success factors for the implementation of an electronic health record system in the public health care sector of South Africa
- Katurura, Munyaradzi Caurage
- Authors: Katurura, Munyaradzi Caurage
- Date: 2017
- Subjects: Medical records -- South Africa -- Data processing Public health -- South Africa Medical records -- Access control -- South Africa.
- Language: English
- Type: Thesis , Masters , MCom
- Identifier: http://hdl.handle.net/10353/13182 , vital:39472
- Description: South Africa intends to implement a National Health Insurance for its citizens, however, for this to be possible there is a need for registering and tracking all the patients who visit health care institutions. The use of EHRs was identified as the most suitable towards accomplishing the above-mentioned tasks. This study investigated other African countries’ EHR implementation efforts in order to identify the critical success factors for the implementation of EHR in South Africa’s public health system. The study conducted a structured literature review of articles written about EHR implementation in African countries and found that issues such as the high costs of implementation; resistance by health workers; a lack of suitable infrastructure; a lack of skills; political influence and poor government commitment were some of the challenges to the implementation of EHRs in African countries. The study then identified 6 critical factors that could address these challenges and ensure that EHR implementation is successful. Identified factors included Incentivising the health informatics career field to attract and retain ICT professionals; Encouraging participation of all stakeholders in the development process of EHR systems; Investigating and investing in alternative infrastructural facilities; Allocating separate budgets for E-health projects; Developing context relevant E-health implementation strategies and frameworks; and finally, Develop and implement Legislation specific to EHR implementation and continued use. Recommendations were also made on each factor regarding how it could be accomplished.
- Full Text:
- Authors: Katurura, Munyaradzi Caurage
- Date: 2017
- Subjects: Medical records -- South Africa -- Data processing Public health -- South Africa Medical records -- Access control -- South Africa.
- Language: English
- Type: Thesis , Masters , MCom
- Identifier: http://hdl.handle.net/10353/13182 , vital:39472
- Description: South Africa intends to implement a National Health Insurance for its citizens, however, for this to be possible there is a need for registering and tracking all the patients who visit health care institutions. The use of EHRs was identified as the most suitable towards accomplishing the above-mentioned tasks. This study investigated other African countries’ EHR implementation efforts in order to identify the critical success factors for the implementation of EHR in South Africa’s public health system. The study conducted a structured literature review of articles written about EHR implementation in African countries and found that issues such as the high costs of implementation; resistance by health workers; a lack of suitable infrastructure; a lack of skills; political influence and poor government commitment were some of the challenges to the implementation of EHRs in African countries. The study then identified 6 critical factors that could address these challenges and ensure that EHR implementation is successful. Identified factors included Incentivising the health informatics career field to attract and retain ICT professionals; Encouraging participation of all stakeholders in the development process of EHR systems; Investigating and investing in alternative infrastructural facilities; Allocating separate budgets for E-health projects; Developing context relevant E-health implementation strategies and frameworks; and finally, Develop and implement Legislation specific to EHR implementation and continued use. Recommendations were also made on each factor regarding how it could be accomplished.
- Full Text:
Factors that influence knowledge management systems to improve knowledge transfer in local government: a case study of Buffalo City Metropolitan Municipality
- Authors: Ncoyini, Samuel
- Date: 2017
- Subjects: Knowledge management -- South Africa -- Eastern Cape Technology transfer -- South Africa -- Eastern Cape Management information systems -- South Africa -- Eastern Cape
- Language: English
- Type: Thesis , Masters , M Com
- Identifier: http://hdl.handle.net/10353/1918 , vital:27583
- Description: The demand for improved service delivery requires new approaches and attitudes from local government. One of the ways this can be achieved is to focus on continuous improvement by driving innovation and lessons learnt from the municipalities’ past successes and failures. For local government authorities to rethink service delivery, they need to find better ways to share information assets, business processes and staff expertise with their citizens and business partners. The lack of Knowledge Management (KM) and, therefore, a low level of information and knowledge transfer in the public services have been identified as two of the main contributors to poor service delivery. The implementation of knowledge transfer process is one of the factors that will impact on the improvement of service delivery. The main purpose of this research study was to investigate how knowledge management systems can be used to improve the knowledge transfer at Buffalo City Metropolitan Municipality (BCMM). The research study focused on knowledge transfer within the Municipality as the general area of research. The objective of this study was to produce critical success factors that would improve knowledge management systems and knowledge transfer among employees at BCMM, which would ultimately improve service delivery.
- Full Text:
- Authors: Ncoyini, Samuel
- Date: 2017
- Subjects: Knowledge management -- South Africa -- Eastern Cape Technology transfer -- South Africa -- Eastern Cape Management information systems -- South Africa -- Eastern Cape
- Language: English
- Type: Thesis , Masters , M Com
- Identifier: http://hdl.handle.net/10353/1918 , vital:27583
- Description: The demand for improved service delivery requires new approaches and attitudes from local government. One of the ways this can be achieved is to focus on continuous improvement by driving innovation and lessons learnt from the municipalities’ past successes and failures. For local government authorities to rethink service delivery, they need to find better ways to share information assets, business processes and staff expertise with their citizens and business partners. The lack of Knowledge Management (KM) and, therefore, a low level of information and knowledge transfer in the public services have been identified as two of the main contributors to poor service delivery. The implementation of knowledge transfer process is one of the factors that will impact on the improvement of service delivery. The main purpose of this research study was to investigate how knowledge management systems can be used to improve the knowledge transfer at Buffalo City Metropolitan Municipality (BCMM). The research study focused on knowledge transfer within the Municipality as the general area of research. The objective of this study was to produce critical success factors that would improve knowledge management systems and knowledge transfer among employees at BCMM, which would ultimately improve service delivery.
- Full Text:
The influence of social media service quality on client loyalty in the South African banking industry
- Authors: Gavaza, Bramwell Kundishora
- Date: 2017
- Subjects: Banks and banking -- South Africa Social media -- South Africa Customer loyalty -- South Africa
- Language: English
- Type: Thesis , Masters , MCom
- Identifier: http://hdl.handle.net/10353/12903 , vital:39389
- Description: The advent of the Internet during the past two decades has changed the way in which businesses operate. Social media networks such as Facebook have become an essential communication element for businesses to interact with clients. The impact and growth rates of Facebook and other forms of social media have made it imperative for all businesses to ensure they have social media strategies in place. Following social media business trends, banks across the world have included social media to market their services. Banks are now emphasising the offering of high client service quality in order to retain clients in this highly competitive environment. Thus, South African banks, as is the case with global banks, need to continuously assess the quality of the services offered to their clients in order to sustainably maintain or grow their market share or to fully utilise its commercial opportunities. This study determined the influence of social media service quality on client loyalty in the South African banking industry. The primary objective was to examine the extent to which social media service quality influence client loyalty in the South African banking industry. The study also determined if social media system availability, efficiency, fulfilment, and privacy has influence on the overall service quality of social media in the South African banking industry. In addition, the study examined the relationship between overall service quality and client loyalty intention in the South African banking industry. The study used a quantitative research approach to collect and analyse the data, and a descriptive research design was utilised for the purpose of this study. Data was collected from both primary and secondary sources of data. An online survey was conducted through Survey Monkey, via a Facebook page titled: Social media service quality in the South African banking industry. An online questionnaire was administered via the Facebook page. The study used a sample of 377 respondents who are Facebook users of the five major banks in South Africa. Analysis and interpretation of findings was done using both the descriptive and inferential statistical measures, with the help of Statistical Package for Social Scientists (SPSS) 24 and Lisrel (version 9). The electronic social media service quality (E-S-SERVQUAL) scale which consist of five constructs, namely; social media system availability, efficiency, fulfilment, privacy and overall service quality; and client loyalty intentions were the scales that were adopted for this study. All the scales used in this study were found to be reliable and valid. Findings of the research study proved that social media system availability, fulfilment, and privacy has a significant influence on the overall service quality of social media in the South African banking industry. In addition, findings of the research revealed that social media efficiency does not significantly influence overall service quality of social media in the South African banking industry. Furthermore, findings of the research also proved that the overall service quality of social media positively influences client loyalty intention in the South African banking industry. The study recommended that managers and marketers should constantly evaluate, monitor, and improve the overall service quality of social media offered to their clients, as it leads to a corresponding increase in overall client satisfaction, which in turn leads to client loyalty in the South African banking industry. However, further research studies may be conducted in other developing countries to gain a wider understanding on the influence of social media service quality on client loyalty in the banking industry.
- Full Text:
- Authors: Gavaza, Bramwell Kundishora
- Date: 2017
- Subjects: Banks and banking -- South Africa Social media -- South Africa Customer loyalty -- South Africa
- Language: English
- Type: Thesis , Masters , MCom
- Identifier: http://hdl.handle.net/10353/12903 , vital:39389
- Description: The advent of the Internet during the past two decades has changed the way in which businesses operate. Social media networks such as Facebook have become an essential communication element for businesses to interact with clients. The impact and growth rates of Facebook and other forms of social media have made it imperative for all businesses to ensure they have social media strategies in place. Following social media business trends, banks across the world have included social media to market their services. Banks are now emphasising the offering of high client service quality in order to retain clients in this highly competitive environment. Thus, South African banks, as is the case with global banks, need to continuously assess the quality of the services offered to their clients in order to sustainably maintain or grow their market share or to fully utilise its commercial opportunities. This study determined the influence of social media service quality on client loyalty in the South African banking industry. The primary objective was to examine the extent to which social media service quality influence client loyalty in the South African banking industry. The study also determined if social media system availability, efficiency, fulfilment, and privacy has influence on the overall service quality of social media in the South African banking industry. In addition, the study examined the relationship between overall service quality and client loyalty intention in the South African banking industry. The study used a quantitative research approach to collect and analyse the data, and a descriptive research design was utilised for the purpose of this study. Data was collected from both primary and secondary sources of data. An online survey was conducted through Survey Monkey, via a Facebook page titled: Social media service quality in the South African banking industry. An online questionnaire was administered via the Facebook page. The study used a sample of 377 respondents who are Facebook users of the five major banks in South Africa. Analysis and interpretation of findings was done using both the descriptive and inferential statistical measures, with the help of Statistical Package for Social Scientists (SPSS) 24 and Lisrel (version 9). The electronic social media service quality (E-S-SERVQUAL) scale which consist of five constructs, namely; social media system availability, efficiency, fulfilment, privacy and overall service quality; and client loyalty intentions were the scales that were adopted for this study. All the scales used in this study were found to be reliable and valid. Findings of the research study proved that social media system availability, fulfilment, and privacy has a significant influence on the overall service quality of social media in the South African banking industry. In addition, findings of the research revealed that social media efficiency does not significantly influence overall service quality of social media in the South African banking industry. Furthermore, findings of the research also proved that the overall service quality of social media positively influences client loyalty intention in the South African banking industry. The study recommended that managers and marketers should constantly evaluate, monitor, and improve the overall service quality of social media offered to their clients, as it leads to a corresponding increase in overall client satisfaction, which in turn leads to client loyalty in the South African banking industry. However, further research studies may be conducted in other developing countries to gain a wider understanding on the influence of social media service quality on client loyalty in the banking industry.
- Full Text:
- «
- ‹
- 1
- ›
- »