Shihepo, Ester2023-07-052023-07-052023-05-30Shihepo, E. (2023). Designing a bring your own device security awareness model for mobile device users in Namibian enterprises [Master’s thesis, Namibia University of Science and Technology].http://ir.nust.na:8080/jspui/handle/10628/998The phrase Bring Your Own Device (BYOD) also known as Dual-Use Devices is a mutual practice which has increased employees’ access to new mobile technologies and a rising trend within many organisations. The concept refers to employers allowing their employees to bring their personal mobile devices to workplaces and use them as their workstations. Enterprises are enjoying the benefits of BYOD, which allows them to cut operational costs as they do not need to purchase computers for their employees. Employees are enjoying the comfort and convenience offered by BYOD; however, this exposes organisations to security breaches. There is currently a lack of security awareness among mobile device users within enterprises against BYOD cyber threats. The situation has made it difficult for organisations to monitor the usage of resources among the mobile users towards protecting the confidentiality, integrity, and availability of corporate data. Moreover, cyber attackers see more potential with mobile devices as company and personal data get mixed up on such devices. Although the BYOD concept has not been formally implemented within the enterprise, it does not mean that the enterprise data is not prone to attackers. This study presents a BYOD Security Awareness Model designed following Design Science Research methods based on findings of a single case study conducted in one of the enterprises in Windhoek, Namibia. Qualitative research following the interpretivism philosophy was used. To select participants, purposeful random sampling method was used for this study. Data was collected using interviews, a questionnaire and through literature review. Furthermore, the study implemented the qualitative content analysis as the data analysis technique. The study identified malware and network spoofing as some of the BYOD related threats affecting the case enterprise. The researcher observed lack of end user awareness on BYOD security as a cause of BYOD related security threats. The study identified four main components of the model namely: BYOD threats, security awareness, policy and access control. The BYOD security awareness model will be a guideline to Namibian enterprises in creating BYOD security awareness among their mobile devices with the aim to safeguard the organisational data. Furthermore, the findings will also contribute to the new technology horizon of Namibia’s future BYOD security awareness by motivating enterprises to implement mechanisms that will protect the enterprise confidential information. Since Namibia is reported as one of the least ranked countries in Africa in terms of cyber security, the model is a guideline on how enterprises can create BYOD security awareness among users within their enterprises and improve their security posture as well as that of the nation. Additionally, the model will also contribute to the BYOD security awareness knowledge to researchers and practitioners through conference papers and thesis publication.enBring Your Own Device, threats, awareness, model, security, users, enterprise.DESIGNING A BRING YOUR OWN DEVICE SECURITY AWARENESS MODEL FOR MOBILE DEVICE USERS IN NAMIBIAN ENTERPRISESThesis