DESIGNING A BYOD REAL-TIME FORENSIC INVESTIGATION FRAMEWORK FOR DATA LEAKAGE THROUGH MOBILE DEVICES
Date
2020-09
Publisher
Namibia University of Science and Technology
Abstract
Global digitalisation has perpetuated the use of mobile devices for both personal and work-related
activities. As such, some African organisations have been allowing their employees to
utilise their personally owned mobile devices to carry out work-related activities all in the
name of convenience, reliability, mobility, and reduced maintenance costs. The Directorate
on Corruption and Economic Offenses (DCEO), being an anti-corruption agency in Lesotho, is
embracing the BYOD benefits. However, a couple of challenges have been recorded through
an interview with its employees. Yet still, the DCEO’s employees in different departments are
relishing the benefits of the Bring Your Own Device (BYOD) phenomenon as employees can
telework, access, and respond to their work emails within a pocket’s reach. These mobile
devices can work exactly as the traditional laptops and the desktops and that capability has
fuelled their predominant use.
Considering the type of sensitive information that the DCEO works with, it was of interest in
the present study to know whether the agency is maintaining its data security, as the very
same perpetual utilisation of personally owned mobile devices has made mobile devices
the number one target for hackers and a means for internal employees to commit
cybercrimes. Their mobility and Internet connection capabilities make them lucrative targets for
attacks. The use of personally owned mobile devices has also proven to be a challenge for the
IT department at the DCEO and the digital forensic investigators, as there has been little
knowledge of BYOD security and of the legislative and legal side of how to handle digital
forensic investigations of personally owned mobile devices that are used to perform work-related
activities in the event of a breach. Thus, the study aimed to design a real-time forensic
investigation framework that could assist the DCEO with proper deployment, management
of BYOD adoption, and real-time digital forensics investigation of data leakage through
personally owned mobile devices.
The study followed a mixed-method research approach where a single case study was
conducted and this was complemented with an experiment. This pragmatic study enabled
the researcher to gather primary data using interviews, questionnaires, and experimentation.
Thematic data analyses were used to make meaning of the interview and survey data, and
the case site results demonstrated a lack of information security awareness, training, and
education; lack of a Bring Your Own Device policy; lack of infrastructure; and lack of IT security
governance. The results revealed that Android mobile devices are the most used by DCEO
employees for work-related activities. The experimentation was then conducted on Android
mobile devices to ascertain the existence of data leakage. The results revealed the challenges
of using personally owned Android mobile devices to access corporate data and other
resources. The findings were validated using literature and thus informed the design of the
Real-Time BYOD Digital Forensic Investigation Framework. A comparative evaluation was
used to evaluate the relevancy and usability of the framework. To confirm its relevancy,
usability, and suitability, expert reviews were employed against set metrics, which assisted in
redefining the framework components and structure, thus enhancing the framework’s ability
to attain the research objectives. The proposed Real-Time BYOD Digital Forensic
Investigation Framework guides BYOD-enabled organisations to investigate malicious
activities committed through personally owned mobile devices. An implementation guide
was also developed. This study adds to the understanding of how to securely adopt BYOD
phenomena within the working environments as well as how to account for breaches that
are committed through employees’ devices through organisational policies enforcement.
Furthermore, the study can aid some organisations in Lesotho and other similar
environments that have adopted BYOD with proper management and some understanding
of how to perform internal digital forensic investigations in cases where sensitive
organisational data might be leaking through their personally owned mobile devices.
Keywords
BYOD security, Data leakage, Digital Forensics, Information security, Mobile security
Citation
Morolong, M.P. (2020). Designing a BYOD real-time forensic investigation framework for data leakage through mobile devices. (Unpublished master's thesis). Namibia University of Science and Technology, Windhoek.