On Mobile Device Security Practices and Training Efficacy: An Empirical Study

The past decade has witnessed an explosion of the penetration of mobile technology through all strata of society. Mobile technologies including cell phones, tablets, and even some e-readers are used for surfing the web, running apps, reading email, posting to social media, conducting banking transactions, etc. This liberation from desktop and laptop machines and from the requirements of a specific geographic location raises concerns regarding the problems and challenges of maintaining security while traversing cyberspace. The purpose of this empirical study is to investigate the attitudes, behaviors, and security practices of business students using mobile devices to access online resources. One group of students surveyed received no specific training regarding mobile security while a second group was surveyed following the completion of an online training program. Results show no significant difference in the security practices of the two groups, indicating that commercially available security training programs are largely inefficacious with respect to modifying student behavior and that additional research on training efficacy is needed.