Presented to the Interdisciplinary Studies Program: Applied Information Management and the Graduate School of the University of Oregon in partial fulfillment of the requirement for the degree of Master of Science CAPSTONE REPORT University of Oregon Applied Information Management Program Continuing Education 1277 University of Oregon Eugene, OR 97403-1277 (800) 824-2714 Factors for Consideration when Developing a Bring Your Own Device (BYOD) Strategy in Higher Education Scott Emery Co-CIO/Director of Academic Technology California College of the Arts July 2012 Approved by ________________________________________________________ Dr. Linda F. Ettinger Senior Academic Director, AIM Program Running  head:  DEVELOPING  AN  INSTITUTION-­‐WIDE  BYOD  STRATEGY   1   Factors for Consideration when Developing a Bring Your Own Device (BYOD) Strategy in Higher Education Scott Emery California College of the Arts DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 2   DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 3   Abstract The consumerization of IT changes the ways in which IT departments must plan for and manage technology. This annotated bibliography presents factors for consideration by IT leaders in higher education when developing an institution-wide strategy to address the use of personally owned mobile handheld devices, known as bring your own device (BYOD). Literature published between 2007 and 2012 is examined in regards to four categories: (a) policy creation, (b) data security, (c) user education, and (d) mobile learning. Keywords: BYOD, BYOD college, BYOD higher education, BYOD management, BYOD planning, Consumerization of IT, MDM, Mobile devices, Mobile device management, Mobile learning DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 4   Table of Contents Abstract...............................................................................................................................3 List of Tables ......................................................................................................................7 Introduction........................................................................................................................9 Purpose ............................................................................................................................. 10 Audience........................................................................................................................... 11 Significance ...................................................................................................................... 12 Research Questions .......................................................................................................... 12 Delimitations .................................................................................................................... 13 Reading Plan Preview....................................................................................................... 15 Organizational Plan Preview ............................................................................................ 16 Definitions.........................................................................................................................17 Research Parameters .......................................................................................................19 Search Process .................................................................................................................. 19 Keywords and Key Phrases .............................................................................................. 19 Literature Resources ......................................................................................................... 21 Search Results .................................................................................................................. 21 Documentation Approach................................................................................................. 21 Literature Evaluation Criteria........................................................................................... 23 Reading Plan..................................................................................................................... 24 Organizational Plan .......................................................................................................... 26 Annotated Bibliography ..................................................................................................28 BYOD Policy.................................................................................................................... 28 DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 5   Data Security and BYOD ................................................................................................. 42 User Education and BYOD .............................................................................................. 54 Mobile Learning and BYOD ............................................................................................ 62 Conclusion ........................................................................................................................90 References.......................................................................................................................102 DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 6   List of Tables DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 7   DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 8   Introduction Problem An increasing number of organizations are opening their networks and data to consumer handheld mobile smart devices, such as the iPhone, Android phones, and iPad (Trend Micro, 2012). This trend is creating a phenomenon known as the “consumerization of IT” (International Data Corporation, 2011, p. 1) in the workplace, where users favor the use of their own personal devices over those that would otherwise be provided by their organization’s IT department (Garlati, 2011). According to a 2011 Trend Micro report, users prefer to use their own personal devices in the workplace because they are (a) easier to use, (b) more convenient, and (c) allow them to mix their personal and work-related information (Garlati, 2011). The trend toward the use of personally owned handheld mobile smart devices can be traced back to the unveiling of Apple’s first iPhone in 2007 which was the first smart phone designed with a multi-touch interface (Kim, 2011). Since then, a number of notable changes have taken place in the smart phone industry, including (a) Google’s introduction of the Android operating system, (b) Hewlett Packard’s acquisition of Palm, and (c) Nokia’s partnership with Microsoft to run Windows Phone 7 on new Nokia smart phone hardware (Kim, 2011). Furthermore, as a result of the technological innovations introduced in Apple’s first iPhone (Kim, 2011), consumer demand of smart phones is on the rise. According to Gartner (2012), worldwide smart phone sales hit 472 million units in 2011, up 58 percent from 2010, and are projected to reach 1.1 billion units by 2015. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 9   Purpose The purpose of this annotated bibliography is to identify factors for IT leaders to consider when developing a strategy (School CIO, 2012) that addresses the use of personally owned mobile handheld devices for teaching, learning, and administration within a higher education institution. As noted by Green (2007), the proliferation of personally owned mobile devices in the workplace is raising new challenges for IT departments who are primarily responsible for developing an institution-wide strategy that leverages this trend in alignment with an institution’s strategic plan. This annotated bibliography is framed by a pre-selected set of four larger categories of factors, related to the consumerization of IT, that should be addressed in the development of an institution- wide strategy that addresses BYOD. Factor categories include: (a) policy (Green, 2007), (b) security (International Data Corporation, 2011), (c) user education (Markelj & Bernick, 2012), and (d) mobile learning (Akour, 2009). Policy development. One of the goals of this study is to identify a set of factors that can be used to guide the development of policies that address the consumerization of IT throughout an organization (International Data Corporation, 2011). Factors for policy development may include how to manage (a) authorized use, (b) prohibited use, (c) systems management, (d) policy violations, (e) policy review, and (f) limitations of liability (Green, 2007). Security. Another set of factors addresses the security of information that is accessed on mobile devices (International Data Corporation, 2011). Potential factors may include (a) unauthorized access to sensitive data stored on the device, (b) DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 10   unauthorized access to data stored on an organization’s network, (c) attacks from malicious software, and (d) the ability to impersonate the user (Markelj & Bernik, 2012). User education. A third set of factors addresses user education; potential factors may include raising user awareness of safety standards and regulations for mobile devices (Markelj & Bernick, 2012). Mobile device user education may also include these factors: (a) social media usage, (b) personally identifiable information, (c) strong passwords, and (d) privacy settings (Wittman, 2011). Mobile learning. The fourth category addresses the use of mobile devices for learning, or “m-Learning” (Akour, 2009, p. 33). Potential factors involved in this concept include (a) student readiness for mobile learning, (b) ease of access and convenience to learn with a mobile device, (c) quality of service, including content quality, reliability, and personalization, (d) extrinsic influences, and (e) institutional commitment to mobile learning, among others (Akour, 2009). Audience This annotated bibliography is designed to help IT leaders in higher education understand the factors involved in preparing an institution for BYOD in the classroom and campus workplace. These IT leaders include CIOs, CTOs, Directors of IT, and Directors of Information Services (IS). This group is responsible for setting the vision and strategic direction of IT, IS, and information management for an institution and thus, are responsible for gathering the information necessary and working with key stakeholders in order to develop an institution-wide BYOD mobility strategy (Tucci, 2011). This group is responsible for managing an annual operating budget, including DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 11   equipment, maintenance, and human resources to support an institution’s information technology needs. Significance According to a 2011 International Data Corporation (IDC) study on the consumerization of IT, 40.7% of the devices used by information workers to access business applications are personally owned, an increase of 10% over 2010 (Burt, 2011). The ongoing use of personally owned mobile devices in the workplace is forecasted to continue to grow. According to Cisco Systems’ annual Visual Networking Index Forecast released in June 2011, by 2015, “there will be almost 15 billion network- connected devices, including smart phones, notebooks, tablets, and other smart machines, translating to more than two devices for every person on the planet” (Burt, 2011, p.30). As a result, IT departments are factoring in the challenges of BYOD into their strategic planning for how information is managed across the enterprise, including (a) securing an organization’s data, (b) ensuring quality of service, and (c) setting policies that determine the level of access (Burt, 2011). Research Questions The purpose of this annotated bibliography is to identify literature that examines the use of personally owned mobile devices in a higher education institution, in relation to the concept of the commercialization of IT. Focus is on both the workplace and classroom, with the goal to develop a set of the factors for consideration when developing an institution-wide BYOD strategy. The annotated bibliography is organized around the following content areas, framed as research questions: DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 12   Central question. What factors must be considered to develop an institution-wide BYOD strategy for mobile devices used by students, faculty, and staff in relation to four pre-selected larger categories concerning the consumerization of IT: (a) policy, (b) security, (c) user education, and (d) mobile learning? Sub-questions. • What factors should be considered when developing a policy for the acceptable and prohibited uses of personally owned mobile devices (International Data Corporation, 2011)? • What factors should be considered to ensure an institution’s data is secure while enabling the use of personally owned mobile devices (Markelj & Bernik, 2012)? • What factors should be considered to raise user awareness of safety standards and regulations when using a personally owned mobile device (Wittman, 2011)? • What factors should be considered when designing learning experiences that accommodate the unique technical aspects of mobile devices (Akour, 2009)? Delimitations This annotated bibliography is delimited in the following ways: Topic scope. Focus is placed on the specific factors involved in creating a strategy that enables the use of personally owned mobile handheld devices in a higher education institution in relation to four pre-selected larger categories, including (a) policy, (b) security, (c) user education, and (d) learning on mobile devices. According to Wittman (2011), the first three categories harness the upside of BYOD while managing the associated risks in the development of an institution-wide BYOD strategy. The final DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 13   category factors in the specific organizational context of this study, within an institution of higher education (Akour, 2009). Exclusions. This annotated bibliography is not focused on a BYOD strategy for specific higher education institutions but rather on the general factors involved in planning a BYOD strategy to support an institution’s teaching, learning, and administrative objectives. This annotated bibliography does not seek to recommend a specific implementation for an institution’s data networking infrastructure, but rather on how an institution’s data network can be designed to improve data security factors relative to the use of personally owned mobile handheld devices by its users. Time frame. Literature collection is limited to materials published from 2007 to 2012. The early date is chosen because of the launch of Apple’s iPhone, the first smartphone with a multi-touch screen interface (Kim, 2011). This innovation led to groundbreaking changes in the smartphone industry, including (a) smartphone hardware design, (b) operating system design, (c) telecommunication carrier subscriptions, (d) worldwide smartphone adoption, (e) introduction of multi-touch tablets, and (f) a multi- billion dollar microapp market (Kim, 2011). Literature collection criteria. The literature collected for this research is limited to materials available from recognized academic and professional sources (Creswell, 2009). This includes several sources available through the University of Oregon’s library, including (a) the ACM Online Library, (b) Academic Search Premier, (c) Factiva, (d) ieeExplore, (e) LexisNexis, and (f) ScienceDirect. Additional sources include (a) the New Media Consortium, (b) USA Today, (c) Cisco Systems, (d) GovernmentNews.com, (e) TechTarget.com, (f) Gigaom, and (g) OnlineCollege.org. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 14   Audience. This researcher currently co-manages the information technology operations of a private, non-profit art and design college. In this position, the researcher is responsible for working with the students, faculty, and staff to plan and implement a college-wide strategic direction for IT. This includes a forward-thinking strategy that addresses the consumerization of IT and leverages the benefits of BYOD in alignment with the college’s mission and strategic plan. The audience for this annotated bibliography includes technology professionals in similar roles within higher education, specifically those who are responsible for setting the strategic direction of technology for an institution. This collection of research is intended to aid an institution’s senior IT leaders by informing the decisions that will define an institution’s approach to BYOD. Reading Plan Preview The reading plan for this study follows a conceptual analysis process (Busch et al., 2005) that examines the selected references in relation to concepts embedded in a central research question and three sub-questions. The examination requires a deep reading of the reference material and includes the application of a series of coding steps as defined by Busch et al. (2005) in order to analyze (code) the texts based on the presence of specific keywords or phrases that support the research inquiry. The steps in the conceptual analysis coding process are as follows: 1. Determine the number of words and phrases that constitute a concept. 2. Determine the number of concepts to evaluate. 3. Determine whether to code for existence or frequency of words and phrases. 4. Determine how concepts are distinguished. 5. Determine the rules for how concepts will be grouped together. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 15   6. Determine what information is irrelevant and how this information is handled. 7. Determine a coding process. 8. Analyze the resulting references for inclusion in the Annotated Bibliography. Organizational Plan Preview The categorization of the selected references located in the Annotated Bibliography section of this paper and the presentation of the results of the reading plan are organized around a set of themes (Literature review, n.d.). In this Annotated Bibliography, four main themes are explored in detail: (a) factors involved in creating a BYOD policy for an institution, (b) factors involved in taking appropriate data security measures for an institution’s BYOD users, (c) factors involved in user education for personal mobile device usage within an institution, and (d) factors involved in learning with personal mobile devices. The purpose of this plan is to organize information in a manner that provides the audience with a clear alignment between answers to the research questions and selected literature. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 16   Definitions This annotated bibliography examines literature concerning the planning of a BYOD mobile device strategy for higher education institutions. The definitions of terms and phrases are derived from the selected literature so as to be meaningful within an information technology or higher education setting. The following definitions are provided in order to help the reader understand the meaning of these industry terms. Age of Mobilism – An appellation used to signify a point in history where people are able to communicate all the time, globally, at an affordable cost (Norris & Soloway, 2011). Bring Your Own Device (BYOD) – A term used to refer to the trend of bringing a personally owned mobile device to the workplace for use and connectivity on an institutional network (International Data Corporation, 2011). iPhone – A handheld mobile device made by Apple that combines a phone, music and video player, and Internet browser with a multi-touch interface (Crisp & Williams, 2009). Microapp – An application specifically developed and designed for use on a mobile handheld device (Kim, 2011). Mobile Device – A handheld computing device that can be used from multiple locations. Examples include basic phones, portable media players, and smartphones (Crisp & Williams, 2009). Mobile Device Management (MDM) – Software designed to securely manage mobile devices used across an enterprise (Trend Micro, 2012). DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 17   Mobile learning (M-Learning) – A learning model that provides ubiquitous, mobile, and anytime access to educational and university resources empowered by mobile technology in its connected or disconnected form (Akour, 2009). Mobile Learning Context – Information and communications technology is expanding the boundaries of education outside of the traditional classroom and facilitating access to classroom information that is not limited by time. This context of learning can facilitate the communication between instructors and students both inside and outside of the classroom and potentially alter the concept of the classroom (Akour, 2009). Multi-touch Interface – A touch-sensing surface that has the ability to recognize the presence of two or more points of contact with the surface (Blindmann, 2011). Operating system – A software program that manages computer hardware resources and provides services for application software (Kim, 2011). Short Message Service (SMS) – A text messaging service of mobile communications systems using standardized communications protocols that allow the exchange of short text messages between fixed line or mobile line devices (Motiwalla, 2007). Smartphone – A fully-featured mobile telephone with personal computer-like functionality (Green, 2007). Tablet – A mobile computer integrated into a multi-touch screen and operated by touching the screen rather than using a physical keyboard and mouse (Burt, 2011). Telecommunication Carrier – A provider of telecommunications services (Kim, 2011). DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 18   Research Parameters This section of the document defines the research design of the study, including the presentation of the search process, keywords and phrases, and literature resources, including the databases used and the approach to documenting the information. Additionally, the criteria used for evaluating the literature is presented, along with the full plans that describe how the literature is analyzed and subsequently organized. Search Process Broad searches are performed initially to determine the extent of literature and related research materials available on this topic. Searches are then narrowed to the years since 2007 in order to hone in on specific, relevant literature given the contemporary nature of the topic. Key content areas include (a) bring your own device (BYOD) (Thomson, 2012), (b) the consumerization of IT (International Data Corporation, 2011), (c) trends in personal mobile device ownership (Norris & Soloway, 2011), (d) BYOD security policy creation (Green, 2007), (e) BYOD user education (Wittman, 2011), and (f) learning on mobile devices (Akour, 2009). Keywords and Key Phrases Keywords for the initial searches are derived from literature written on the current and future state of information technology for organizations, including the 2011 Horizon Report (New Media Consortium, 2012), and websites that focus on the consumerization of IT (International Data Corporation, 2011). Additional keywords are found through ongoing research findings. Keywords are combined to form key phrases used in the search of viable research material. Acronyms are used as independent keywords and combined with other DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 19   keywords to create new key phrases. The words used to create acronyms are also combined to form key phrases. The following keywords and key phrases are utilized: • BYOD • BYOD college • BYOD enterprise • BYOD higher education • BYOD management • BYOD planning • BYOD security • BYOD strategies • BYOD strategy • BYOD user education • BYOD university • BYOT • Bring your own device • CIO BYOD • CIO IT strategy • Consumerization • Consumerization of IT • MDM • MDM strategies • MDM BYOD • Mobile device DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 20   • Mobile devices • Mobile device management • Mobile device user education • Mobile device user privacy • Mobile learning Literature Resources Databases. Search terms are used against multiple databases in order to expose full-text journal articles written on the topic of BYOD and the consumerization of IT. Searches are focused on the University of Oregon’s commercial databases, including (a) the ACM Digital Library, (b) Academic Search Premier, (c) Factiva, (d) ieeExplore, (e) LexisNexis, and (f) ScienceDirect, as well as Google Scholar. Search engines. Searches are also performed through the general Google search engine. The primary method of gathering data is through document collection. Search Results Initial search results exposed several full-text articles on the phenomenon of BYOD in an enterprise environment. The articles found to be scholarly works and applicable to this study are mined for new keywords and key phrases and combined with known keywords to search for new research material. Documentation Approach Two methods are used to document pertinent research material found through the search results. The first method is the utilization of a computer software tool, Zotero, designed to collect and organize research material. Within Zotero, a main collection is created representing this annotated bibliography, with several subcollections created in DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 21   order to organize all research materials used as references in this annotated bibliography. These subcollection labels are: • Networking – collection of materials related to data networking guidelines and strategies. • Policy – collection of materials related to the development of BYOD policies. • Security – collection of materials related to the applicable data security practices. • Supportive materials – collection of other materials that support the contextual aspects of the topic of this Annotated Bibliography. • Training – collection of materials related to the user education of personally-owned devices used for work-related purposes in the workplace. All research materials in Zotero are categorized using one of Zotero’s built-in item types required in order to fully utilize the software’s functions. These items types are: • Book • Book Section • Document • Journal Article • Web Page Furthermore, annotations are used in each portable document format (PDF) document in order to call attention to pertinent information for use within this annotated bibliography. The second documentation method is the implementation of a custom system where all pertinent documents are saved to a computer hard drive. Each document is renamed using a custom nomenclature and organized in custom folders by the week in which the document was discovered during the period of gathering research for this annotated DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 22   bibliography. Each document is renamed following a naming structure that includes (a) the author’s last name, (b) the year the work was published, and (c) the title of the article. For documents found to have potential value to this study, though not included in the reference list of the Annotated Bibliography section of the paper, an underscore is added at the beginning of the document name in order to organize these documents when sorted in alphabetical order. Literature Evaluation Criteria Literature credibility is established by implementing the guidelines described by Bell and Smith (2009) for inclusion in this Annotated Bibliography: Relevance. The relevance assessment reviews whether the literature addresses the research questions and is appropriate for this Annotated Bibliography. Currency. Once the literature is deemed to be relevant, the date of publication is considered. This study is limited to works published between 2007 and 2012. Quality. If the relevance and currency of the literature is acceptable, the quality of the work is reviewed, including (a) the literature’s organization, (b) descriptive headings, (c) grammar, (d) spelling, (e) inclusion of documented sources, and (f) overall clarity of the writing. Objectivity. Once the quality of the literature is deemed to be acceptable, the work is reviewed for author objectivity. Specific criteria include the citing of authoritative sources, addressing opposing points of view, and the inclusion of evidence to support arguments and conclusions. If author bias is present and not acknowledged, the work is excluded. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 23   Authority. If the work is deemed to be objective, the author’s credentials are examined by using available biographic data, such as professional affiliations to known organizations and past writings. Additionally, the publisher’s reputation is examined by performing web searches for other professional publications. Coverage. Finally, once the authority of the literature is found to be acceptable, the reference is compared against the existing collection of references to confirm that its content updates or supports the other literature. Reading Plan The reading plan is conducted by following a process known as conceptual analysis (Busch et al., 2005). This process is described through a series of eight steps that define an approach to coding selected literature for the purpose of analysis. Once the selected references have met the evaluation criteria for inclusion in this study, the process of coding is conducted and involves the application of the following eight steps: Level of analysis. The words and phrases that are relevant to the concepts of this study are defined by the research questions of this study, such as BYOD, mobile devices, policy, security, and education. Other words or phrases that define the level of analysis include higher education and consumerization. Quantity of concepts. The references selected for this Annotated Bibliography are coded based on three key concepts that are rooted in the research questions relative to developing a BYOD strategy for higher education institutions. They are (a) factors involved in creating a BYOD policy for an institution, (b) factors involved in taking appropriate data security measures for an institution’s BYOD users, (c) factors involved in user education for personal mobile device usage within an institution, and (d) factors DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 24   involved with learning on a mobile device. While these concepts are pre-defined, new words or phrases are added to the keywords list as they emerge and sub-concepts are added interactively. Coding for existence or frequency. This study is coded based on the existence of words and phrases within a reference. The number of times that a word or phrase appears in a reference is not a relevant parameter. Once a word or phrase is discovered, the context is reviewed for assessment of validity to the topic. Distinguishing concepts. The concepts of this study are coded so that similar concepts are regarded as a single concept. For example, the concepts of bring your own device and BYOD, or consumerization and consumerization of IT are regarded as the same concept. Rules for coding. Rules are established in order to clarify how similar concepts will be grouped. For example, iPhones, iPads, and smartphones are grouped under a sub- concept of handheld mobile devices. Irrelevant information. Information that is irrelevant to the topic of this study, as defined by the research questions, is excluded from this study. Coding process. References available in electronic format are coded using the search feature in Apple Preview for portable document format (PDF) documents, or Mozilla Firefox for web documents. For sources where a desktop application search feature cannot be used, such as with a digital scan of a hard-copy document, the document is read manually and annotated in Apple Preview. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 25   Concluding analysis. Once the coding process is complete, the information is categorized based on the four key concepts and any other relevant emergent concept. The following organizational plan describes this in detail. Organizational Plan The results of the reading plan analysis are presented as a thematic review that is organized around a topic or issue (Literature Reviews, n.d.). The four themes presented in this study are (a) factors involved in creating a BYOD policy for an institution, (b) factors involved in taking appropriate data security measures for an institution’s BYOD users, (c) factors involved in user education for personal mobile device usage within an institution, and (d) factors involved in the unique aspects of learning on mobile devices. A brief summary of each theme is described below: Theme 1 – BYOD policy. This section presents a discussion on the factors involved in creating a BYOD policy for an institution. The anticipated factors relative to policy development may include how to manage (a) authorized use, (b) prohibited use, (c) systems management, (d) policy violations, (e) policy review, and (f) limitations of liability (Green, 2007). Theme 2 – Data security and BYOD. This theme presents a discussion on the factors involved in taking appropriate data security measures to support an institution’s BYOD culture. The anticipated factors relative to data security in this context include (a) unauthorized access to sensitive data stored on the device, (b) unauthorized access to data stored on an organization’s network, (c) attacks from malicious software, and (d) the ability to impersonate the user (Markelj & Bernik, 2012). DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 26   Theme 3 – User education and BYOD. This theme discusses the factors involved in user education for personal mobile device usage within an institution. The anticipated factors involved in user education within this context include (a) social media usage, (b) personally identifiable information, (c) strong passwords, and (d) privacy settings (Wittman, 2011). Theme 4 – Mobile learning and BYOD. This theme discusses the factors involved in learning with a personal mobile device. The anticipated factors involved in mobile learning within this context include (a) student readiness, (b) ease of access, (c) quality of service, (d) extrinsic influences, and (e) institutional commitment, among others (Akour, 2009). DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 27   Annotated Bibliography This section of the paper provides a list of 29 key references selected to support this study. Each reference provides information in relation to the consumerization of IT and BYOD for an enterprise, specifically within an institution of higher education. Each annotation includes (a) the complete bibliographic citation, (b) a published abstract, (c) an analysis of credibility, and (d) a summary describing relevancy to this study. Selected references are organized into four themes, framed in relation to concepts addressed in the research questions. BYOD Policy This section presents a discussion of the factors involved in creating a BYOD policy for an institution. Factors relative to policy development include how to manage: (a) authorized use, (b) prohibited use, (c) systems management, (d) policy violations, (e) policy review, and (f) limitations of liability (Green, 2007). Green, A. (2007). Management of security policies for mobile devices. Proceedings of the 4th annual conference on information security curriculum development. doi: 10.1145/1409908.1409933 Abstract. This paper discusses management of security policies for mobile devices. The increasing use of mobile devices in the workplace is covered, as well as new software applications that allow employees to use their mobile devices to increase their productivity. Various risks to businesses arising from compromised mobile devices are discussed. Mobile devices are defined, as are some common attack vectors currently present in most devices. A framework for creating mobile device security policies is discussed, and sample policy language for mobile DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 28   devices is offered. Credibility. Andy Green has both an undergraduate degree and a Masters degree in Information Systems, with a concentration on information security. He has been teaching undergraduate courses in information security at Kennesaw State University (KSU) since 2008 and also serves on the Board of Advisors for the KSU Center for Information Security Education, as well as being a research associate for the Center. A key reference cited by this article is Principles of Information Security by Michael E. Whitman and Herbert J. Mattord, a graduate- level academic textbook. The paper was published by the Association for Computing Machinery (ACM), an educational and scientific computing society that serves the computing profession with leading-edge publications, conferences, and career resources. Summary. This article presents several examples of how mobile devices can receive attacks and the subsequent risks these attacks can place on an organization. The variety of attack vectors include (a) virus-infected mobile devices, (b) data theft by an organization’s employees, (c) bluetooth technology, and (d) wireless technology. Furthermore, the article outlines the Issue-Specific Security Policies framework offered by Whitman and Mattord in their textbook, Principles of Information Security, for composing a security policy for mobile device usage in an organization. This framework defines seven sections for policy composition, including (a) a statement of purpose, (b) authorized uses, (c) prohibited uses, (d) systems management, (e) violations of policy, (f) policy review and modification, and (g) limitations of liability. According to the author, this framework is DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 29   recommended over others because of its ease of understanding and use, as well as its clearly defined sections. The author concludes that while mobile device usage is a good way to increase employee productivity, without proper management and control, these devices provide an avenue for attack on an organization’s information assets. The author emphasizes that mobile devices are computing devices and organizational policy must treat them appropriately. Harris, C. (2012). IT executive and CEO survey final report: Mobile consumerization trends and perceptions. Used by permission of Trend Micro for the purpose of this study. Abstract. The overall objectives of this project are to (a) assess awareness of issues related to IT consumerization within the enterprise, (b) learn about attitudes, perceptions, and internal policy development related to consumerization, and (c) identify other emerging concerns. “Consumer IT” has been identified as a significant cross-industry trend, with a recent study demonstrating that 87% of executives say their employees are using personal devices for work-related purposes, with tasks ranging from email to calendaring, to ERP and CRM functions. This has placed pressure on management to develop effective policies surrounding the incorporation of personal devices, cloud services, and other manifestations of “consumer IT” in the workplace. In order to better understand how this is affecting the workplace IT environment, and how executives are making sense of it, the proposed study will target management with direct and recent involvement in considering the impact of consumerization at their company and/or making policy decisions related to it. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 30   Credibility. Cheryl Harris has a PhD in research methods from the University of Massachusetts, Amherst, and is currently the Chief Information Officer (CIO) at Decisive Analytics, a company specializing in providing analytical solutions for government agencies and commercial businesses. Ms. Harris was also an Associate Professor at the University of South Carolina from 2005 to 2010, teaching courses in online media and digital marketing, as well as serving on several dissertation and thesis committees. The findings of this survey data were based on an online survey conducted with IT executives and CEOs of companies with 500 employees or more located in the United States, United Kingdom, and Germany, between January 3, 2012 and January 11, 2012. Seventy eight percent of all companies who participated in this survey allowed employees to use their personal mobile devices for work-related activities. This report was provided by Trend Micro, a global provider of Internet content security, cloud security, and threat management solutions. Summary. This 62-page survey report includes the original 35-question online questionnaire and a summary of findings, including (a) respondent demographics and organization profiles, (b) BYOD practices, (c) security breaches and measures, (d) perceptions of BYOD, and (e) predictions for the future. The author presents 10 conclusions and recommendations based on the survey findings and provides a written explanation for each point. These 10 points are: (a) BYOD is already common; (b) security breaches have been experienced by nearly half of all responding organizations; (c) CEOs are generally more enthusiastic about BYOD than are IT executives; (d) BYOD gives organizations a competitive advantage; (e) DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 31   BYOD is seen as an employee retention and recruiting tool; (f) BYOD enhances innovation and creativity, and boosts productivity; (g) employees prefer organizations that permit BYOD, as do customers; (h) BYOD decreases or does not impact overall costs; and (i) BYOD growth in the workplace is seen as inevitable. International Data Corporation. (2011). 2011 Consumerization of IT study: Closing the consumerization gap. Framingham, MA: Gens, F., Levitas, D., & Segal, R. Abstract. Consumerization of IT is fundamentally changing the way IT – and business in general – operates today. It is deeper and much farther-reaching than simply allowing employees to bring their own personally purchased PCs and devices to work (also known as “bring your own devices” or BYOD). It touches upon enterprise use of applications such as Facebook, Twitter, and other social media with consumer roots, and is dramatically extending a wide range of employee-facing (internal) and customer and partner-facing (external) business processes. To better understand the size, scope, and complexity of this phenomenon, IDC worked with Unisys for the second year running to gauge how consumer technologies are being used in the workplace, and how enterprise IT shops are faring in addressing this changing landscape. Credibility. Frank Gens is the Senior Vice President and Chief Analyst at International Data Corporation (IDC), a global provider of market intelligence, advisory services, and events for the information technology, telecommunications, and consumer technology markets. A 25-year veteran of the IT research and advisory services business, Mr. Gens is a speaker at executive forums on the state DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 32   and future of the IT industry around the world and is a member of IDC’s Research Quality Board. Danielle Levitas is the Group Vice President of IDC’s Consumer, Broadband, and Digital Marketplace team. Rebecca Segal is the Vice President of IDC’s Global Services Markets and Trends group. This study was sponsored by Unisys, a global company providing outsourced information technology services for businesses and governments focusing on data security, data centers, end user support, and application modernization services. The findings of this report are derived from a survey conducted worldwide of over 3,000 information workers and business executives in nine countries on the consumerization of IT. Summary. This 21-page survey includes several key findings regarding the accelerating rate of consumer IT adoption in the enterprise. These findings include: (a) consumer technologies are already being used extensively in the enterprise and are growing in importance, (b) demand for mobility is accelerating and amplifying the trend toward the use of consumer technologies in the workplace, (c) there is a growing business use of a diverse range of social media applications that have consumer roots, and (d) the flow is two-way, with work time flowing into personal time, making workers more productive. The findings of the report indicate that enterprises are embracing the employee-owned device model due to (a) the rise of individual smartphone purchasing, (b) the need to cut IT costs, and (c) the availability of mobile device management (MDM) solutions that address a heterogeneous device environment. Finally, the report includes several key points that an enterprise can consider in order to formally support the adoption of consumer devices and applications in the workplace, including (a) establish or DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 33   revamp polices that deal with this reality, (b) invest in technologies and services that allow security on personally-owned devices, (c) develop better visibility into an organization’s adoption of consumer-rooted devices, and (d) engage the organization’s executives. Mansfield-Devine, S. (2012). Interview: BYOD and the enterprise network. Computer Fraud & Security, 2012(4), 14-17. doi:10.1016/S1361-3723(12)70031-3 Abstract. Bring Your Own Device (BYOD) is a trend that many organisations are confused or concerned about. In this interview, Frank Andrus, CTO at Bradford Networks, explains that data leaks, malware and hacking aren't the only issues. There are more fundamental concerns with how your networks are managed. And the solution might be to work with users, rather than simply trying to control them. Credibility. Steve Mansfield-Devine is a freelance journalist who has covered the IT industry for more than 30 years. He specializes in information security and is the editor of Network Security and Computer Fraud & Security, two monthly journals published by Elsevier that focus on current IT and information security issues. Articles submitted to these journals are peer reviewed. Frank Andrus is the Chief Technology Officer (CTO) at Bradford Networks, a North American company that provides solutions to enable secure network access for corporate- issued and personal mobile devices. Summary. This article raises three key points regarding BYOD strategy for an organization and considerations for developing policy that enables BYOD. The first point raised by Andrus is the shift from the company to the individual DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 34   owning the desktop. According to Andrus, employees are becoming more a part of an organization’s security model due to this shift. As a result, organizations need the ability to know what devices are being used and why someone would want to use that device. The second point raised by Andrus is the impact on an organization’s system and network resources due to the number of devices being used per user. Andrus points out that in higher education, the ratio of user-to- device is no longer one-to-one but one-to-three or more. Andrus’ third point involves education and teamwork between IT department and user. According to Andrus, users commonly know as much or more about their device than the IT staff, and as a result, need to be involved in building the security policy. Finally, Andrus’ experience in higher education led to the development of a 10-step process for creating a BYOD plan, which is outlined in the literature. These 10 steps are: (a) determine what mobile devices your organization will allow; (b) determine the operating system versions your organization will allow; (c) determine what applications are required and those that are not permitted; (d) determine what groups of users will be allowed to use these devices; (e) determine how network access will be assigned based on who, what, where, and when; (f) educate the users before they buy a mobile device; (g) inventory authorized and unauthorized users; (h) control the access to the network based on risk posture; and (i) implement continuous vulnerability assessment and remediation. Sen, P. K. (2012). Consumerization of information technology drivers, benefits and challenges for New Zealand corporates. Retrieved from DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 35   http://researcharchive.vuw.ac.nz/bitstream/handle/10063/2095/thesis.pdf?sequence=1 Abstract. Consumerization of Information Technology (IT) is a trend where people bring in personal technologies to work. This research reports on the state of this trend in corporate New Zealand (NZ) and concentrates on three areas, (a) drivers, (b) benefits, and (c) challenges. In a qualitative approach, data was collected through interviews and a focus group discussion. The responses reveal that the corporate challenges of consumerization exceed the benefits, and not many complete and affordable solutions for the businesses are available. Most important risks identified are around protecting sensitive corporate information and meeting legal obligations. Recent economic downturn is a further contributory factor affecting the budgetary and resource decisions at the workplace. The research observes that trade and market-research journals, exhibitions, and seminars, are supporting and influencing IT decision makers on their constant lookout for latest developments in this area. As the responses were not bound by set questionnaires, a large number of unique viewpoints are elicited through the research, which does not appear in existing publications. The study also finds consumerization in NZ is at an early stage, and notes that little research has been done on it. Credibility. Palash Kanti Sen has a Masters degree in information management as a result of writing this thesis as part of a graduate requirement at the Victoria University of Wellington. The study was supervised by Dr. David Mason, the undergraduate program director for the university’s School of Information Management. Several of the references cited by this thesis are from a collection DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 36   of journal articles, peer-reviewed articles, and reports formatted using full bibliographic citations. This thesis was provided by the online public research archive of the University of Wellington. Summary. This study centers around a central research question, “what are the drivers, benefits, and challenges of the consumerization of IT with respect to corporate New Zealand?” (p. 5). The paper presents a discussion and findings of the consumerization of IT, including (a) the drivers, (b) the corporate benefits, and (c) the corporate challenges. Some of the drivers include (a) increasing adoption of consumer mobile devices, (b) the blurring of work and home, (c) the rise of social networks, and (d) increasing mobility of users. In terms of benefits, the author’s research includes (a) an acceleration of business growth, (b) productivity due to employees bringing in new technology, (c) employee productivity through trust, and (d) cost benefits to the organization. Finally, in terms of challenges, the author mentions (a) security challenges, (b) support and control challenges, (c) changing policy needs, and (d) challenges around evolving relations and expectations. The author concludes that organizations will be slow adopters of the IT consumerization concept due to a shortage of cost-efficient mobile device management solutions to choose from, and the fear felt by IT executives to invest in new infrastructure that diminishes control of a company’s information and enables the use of personally-owned mobile devices in the enterprise. Ullman, E. (2012). BYOD strategies: Strategies for K-12 technology leaders. Technology & Learning, 32 (7), 34-37. Retrieved from: DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 37   http://www.schoolcio.com/article/byod-strategies/52201 Abstract. The article presents information on how to make bring your own device (BYOD) programs work. The technology team at Lake Travis Independent School District began planning for the BYOD program in 2011. According to a report, about 35 percent of the district participated in the program and more people are participating in the program every week. Credibility. Ellen Ullman is currently the Editor for School CIO, a web publication that provides ideas, strategies, and resources for senior-level technology leaders in K-12 school districts. School CIO is produced by the editors of Tech & Learning, a leading publication in the educational technology market for over 30 years. The author is also a freelance writer and editor for a variety of journals and magazines including Technology & Learning, Community College Journal, and Community College Times, covering education and educational technology topics. Summary. This article presents the methods that three school districts took to implement a BYOD program. The first school district, the Lake Travis Independent School District, implemented a strategy for device provision that required high-income families to purchase devices for their children, middle- income families to purchase or lease devices at a discount, and low-income families to receive devices funded through a bond package. Wireless access points were added to the district schools to bolster wireless coverage using a Cisco network back-end that recognized whether a device is a district-approved device or not. The second school district, the New Canaan Public Schools, DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 38   implemented a program that allowed students to register their devices on the school’s wireless network. The school’s wired and wireless networks have intentionally been separated so that either can be independently managed. The third school district, the Osseo Area Schools, implemented a process where instructors decide whether or not to introduce BYOD in the classroom. The school district uses web-based tools throughout their classrooms, including Google Apps for Education and Moodle. Both of these resources only require a web browser and a wireless network for access. Wilson, S. & McCarthy, G. (2010). The mobile university: From the library to the campus. Reference Services Review, 38(2) 214-232. doi: 10.1108/00907321011044990 Abstract. The purpose of this paper is to review one library’s experiences of creating mobile services and illustrate how, by developing expertise in emerging technologies, libraries can foster partnerships with other groups on campus and play a leading role in providing relevant student-centered services. The paper begins with a brief summary of mobile services offered by the Ryerson Library prior to the fall of 2008, discusses the results of a mobile device survey conducted that semester, and outlines the resulting mobile services that were developed by the Library which led to a campus-wide collaboration to develop the framework for a student-led mobile initiative. The technical framework and project management issues are also discussed. A survey performed by the Ryerson University Library in the fall of 2008 indicated that smart phones were owned by approximately 20 percent of the student population but that within the next three years this figure DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 39   could reach as much as 80 percent. To remain relevant, it is important that libraries adapt their services to this new environment. The paper illustrates how library services can be adapted to the mobile environment and how the library can play a role in broader campus mobile initiatives. All libraries will be interested in exploring the library services that were developed and adapted for mobile devices and of particular interest to academic libraries will be the building of collaborative relationships with other academic departments to provide services to students. Credibility. Sally Wilson has a Masters degree in library science and is the Web Services Librarian at Ryerson University in Toronto, Canada. Graham McCarthy has a Masters degree in information science from the University of Toronto and is currently the Chief Technology Officer at HitSend, Inc. He was formerly a Systems Analyst at the Ryerson University Library and acted as Project Manager for Ryerson University’s mobile initiative. This article cites references from several peer-reviewed articles, including the Educause Learning Initiative (ELI) and the Educause Center for Applied Research (ECAR). Both of these Educause organizations are comprised of educators and IT professionals from a community of higher education institutions. Reference Services Review (RSR) is a quarterly, refereed, international journal dedicated to the enrichment of reference knowledge and the advancement of reference and library user services. Summary. This article covers the Ryerson University Library’s mobile initiative project called “Ryerson mobile” (p. 217), including (a) the research that led to the creation of the project, (b) a description of the project, including the project collaborators and their roles, (c) the technical framework, (d) how the project was DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 40   implemented, (e) pitfalls and emerging issues, (f) an assessment and evaluation after the first year, and (g) future considerations for the initiative. In November 2008, the Ryerson Library conducted a survey of mobile device usage in order to understand what devices were in use, what they were being used for, and what library services that users were interested in seeing. From the results of this survey, the Library led a discussion with several university departments on the idea of creating mobile applications. The result of those conversations led to the creation of several mobile apps, including (a) a campus directory, (b) class schedule, and (c) campus map. The decision was made to develop mobile apps that were device agnostic for the following reasons: (a) the resources required to program for different mobile operating systems were too great, (b) university programmers would need to develop expertise in more than one proprietary programming language, and (c) the costs associated with licensing frameworks and software development kits was cost prohibitive. The project faced several pitfalls that stemmed from the wide variety of mobile devices available, including (a) screen resolution differences, (b) browser configuration differences, and (c) scripting capabilities. As a result, the decision was made to cater Ryerson’s services to the devices with the widest market appeal, the Apple iPhone and Blackberry smartphones. As a result of Ryerson’s evaluation of this initiative, the future of the initiative includes (a) ongoing promotion of the service, (b) creation of additional mobile apps, and (c) the creation of a custom mobile app storefront where campus community developers could potentially create custom Ryerson mobile apps. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 41   Data Security and BYOD This theme presents a discussion of the factors involved in taking appropriate data security measures to support an institution-wide BYOD culture. Factors relative to data security include: (a) unauthorized access to sensitive data stored on the device, (b) unauthorized access to data stored on an organization’s network, (c) attacks from malicious software, and (d) the ability to impersonate the user (Markelj & Bernik, 2012). Burt, J. (2011). BYOD trend pressures corporate networks. eWeek, 28(14), 30-31. Retrieved from: http://web.ebscohost.com/ehost/detail?sid=6b0434ee-970c-40b4- 85fc-ba28a2b4e26a%40sessionmgr104&vid=1&hid=113&bdata=JnNpdGU 9ZWhvc3QtbGl2ZSZzY29wZT1zaXRl#db=voh&AN=65469365 Abstract. The article focuses on the impact of the increasing adaptation of Bring Your Own Device (BYOD) attitude of employees on corporate network safety of business enterprises worldwide. It says that employees are progressively using personally owned mobile devices including smart phones and tablets to access business applications, according to the 2011 consumerization study conducted by IDC. It notes that the study found out that the BYOD trend continues despite security and support issues. Credibility. Jeffrey Burt is a freelance journalist with more than 25 years of writing, editing, and management experience in the IT and environmental technology industries. He was formerly the east coast Managing Editor at eWEEK, a weekly computing business magazine that provides product information for enterprise-level IT professionals, including lab analysis and practical tools for evaluating, acquiring, installing, configuring, and maintaining DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 42   IT products and services. This article references information and research provided by Unisys, as well as Cisco Systems’ annual visual Networking Index Forecast and was published by eWEEK. Summary. This article presents information that (a) supports the growing trend of workers using their personal mobile devices in the workplace, (b) describes the security challenges that this presents for enterprise IT and how a few companies are addressing them, and (c) examines the approach that some companies are taking toward BYOD policy creation. According to Cisco Systems’ annual Visual Networking Index Forecast, by 2015, there will be almost 15 billion network-connected devices in use on the planet (Cisco Systems, 2011). According to the author, vendors are seeking ways to develop solutions that make it easier for businesses to identify and authenticate employee-owned devices that request access to a company’s data network. Simultaneously, IT departments are developing policy for BYOD to enable the use of employee-owned devices in the workplace while keeping the data network secure. The author presents a solution crafted by Unisys that would require users to sign an acceptable use agreement (AUA) before being permitted to use an employee-owned device. Clark, N., Karatzouni, S., & Furnell, S. (2009). Flexible and transparent user authentication for mobile devices. doi:10.1007/978-3-642-01244-0_1 Abstract. The mobile device has become a ubiquitous technology that is capable of supporting an increasingly large array of services, applications and information. Given their increasing importance, it is imperative to ensure that such devices are not misused or abused. Unfortunately, a key enabling control to DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 43   prevent this, user authentication, has not kept up with the advances in device technology. This paper presents the outcomes of a 2 year study that proposes the use of transparent and continuous biometric authentication of the user: providing more comprehensive identity verification; minimizing user inconvenience; and providing security throughout the period of use. A Non-Intrusive and Continuous Authentication (NICA) system is described that maintains a continuous measure of confidence in the identity of the user, removing access to sensitive services and information with low confidence levels and providing automatic access with higher confidence levels. An evaluation of the framework is undertaken from an end-user perspective via a trial involving 27 participants. Whilst the findings raise concerns over education, privacy and intrusiveness, overall 92% of users felt the system offered a more secure environment when compared to existing forms of authentication. Credibility. Nathan Clarke has a PhD in information security and is an Associate Professor in information security and digital forensics at Plymouth University in the United Kingdom. He has written numerous journal articles on the topic of information security and has co-authored two published books on computer forensics and information security. Sevasti Karatzouni was a graduate research student at Plymouth University at the time of this article’s publication. Steven Furnell has a PhD in information systems security at Plymouth University and is currently the Head of School at Plymouth University’s School of Computing and Mathematics as well as an adjunct professor at Edith Cowan University in Perth, Western Australia. Most of the references cited in this article are from Clarke and DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 44   Furnell’s own published research, including papers in conference proceedings. This article is included in the International Federation for Information Processing (IFIP) publication that focuses on the advances in information and communication technology published by Springer, a publisher of science and business information. Summary. This paper presents the results from a two-year study investigating a new user authentication approach for mobile devices. The authors frame their argument for improved security for mobile devices around the evolution of smartphone technology. With a rich range of features and functions and the ability to access and store a wide variety of sensitive information, the loss of a personal mobile device poses significant risks to a user’s personal information. The authors propose a new authentication scheme called, “non-intrusive and continuous authentication (NICA)” (p. 3). The proposed framework includes (a) the ability to capture and authenticate biometric samples, (b) an intelligent controller, (c) administrative capabilities, and (d) storage of the biometric profiles and authentication algorithms. The authors describe a proof-of-concept prototype that was developed to assess the effectiveness of the proposed framework. An end-user trial involving 27 participants was conducted. The resulting research found that a majority of the participants felt confident in the additional security measures built in to NICA, though they also found that widespread adoption of a NICA authentication scheme would be a challenge considering the number of worldwide users that own mobile devices. Next steps are discussed, including a more flexible approach to NICA’s biometric approach to user authentication. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 45   Demski, J. (2011). The consumerization of IT: Pendulum or wrecking ball? Campus Technology, 25(2), 32-38. Retrieved from http://campustechnology.imirus.com/Mpowered/book/vcampus11/i10/p1 Abstract. The burgeoning consumer-tech market is creating new challenges for higher education IT departments. As increased expectations of mobility and connectivity have students and faculty looking to consumer technology to meet their academic needs, IT must revamp operations and infrastructure to meet the demand, while keeping security risks and budgets in check. Is the new consumer IT model here to stay? While some IT administrators hope that the pendulum will eventually swing back to centralized, institutionally controlled IT, experts warn that the drive toward consumerization will fundamentally change IT operations for good. Credibility. Jennifer Demski is a freelance writer based in Brooklyn, New York. Her articles have been published in several publications, including Campus Technology and T.H.E. Journal. The interviewees of this article include Sheri Stahler, Associate Vice President for Computer Services at Temple University, Ronald Danielson, Vice Provost for Information Services and CIO at Santa Clara University, and Carol Smith, CIO of DePauw University. Campus Technology is a monthly magazine focusing on the use of technology across all areas of higher education. Summary. This article interviews three higher education IT executives on the topic of the consumerization of IT and how their institutions are tackling this trend. The author poses five questions to the interviewees: (a) “do you see the DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 46   consumerization of IT as something that needs to be contained and controlled, or as an inevitable evolution of the campus computing environment”? (p. 34), (b) “how do you ensure the security of your campus network in a tech environment where users rely on personal devices, social networking software, apps, and other possibly vulnerable consumer IT products?” (p. 34), (c) “what is the role of central IT in this new computing environment?” (p. 36), (d) “what effect does the consumerization of IT have on the tech budget?” (p. 38), and (e) “what is your best piece of advice for campus tech administrators who are facing this challenge?” (p. 38). A few themes surface in the responses by the IT executives, including (a) the consumerization of IT, particularly the use of personally-owned mobile devices, is beyond the point of being controlled and something that IT departments should embrace, (b) security of an institution’s network is a key factor for any mobile device strategy, (c) central IT must have high visibility into the devices used at the institution, how they’re used, and for what purpose, and (d) the consumerization of IT is here to stay. Markelj, B., & Bernik, I. (2012). Mobile devices and corporate data security. International Journal of Education and Information Technologies, 6(1), 97-104. http://www.naun.org/journals/educationinformation/17-591.pdf Abstract. Ensuring protection of corporate data has only recently become a main concern in the information and communication technology industry. In the past two years or so the use of mobile devices to access data has become a lot more frequent, therefore data security is now a new challenge for users and managers of information and computer systems alike – they all have to be aware of cyber DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 47   threats, and the measures, which must necessarily be undertaken to maintain an adequate level of information security. Software for mobile devices, combined with the Internet, now provides easy and fast access to data and information; this relatively new technology facilitates rapid decision-making. Sophisticated software enables users to manage data and carry out various tasks on-line. The security of corporate data, in incidences when mobile devices are used to access information systems, can only be upheld, if users comply with certain safety measures. Credibility. Blaz Markelj is an Assistant Professor at the University of Maribor in Slovenia where he teaches courses in information security and computer systems. Igor Bernik has a PhD in information security and is also an Assistant Professor at the University of Maribor in Slovenia. References cited for this article include a variety of peer-reviewed journal articles, conference proceedings, and industry research websites. All articles published in the International Journal of Education and Information Technologies are peer-reviewed by two independent reviewers. Acceptance is granted when both reviewers’ recommendations are positive. Summary. This article describes why information security is a necessity in an environment where mobile device ownership has become ubiquitous in the workplace. The authors describe (a) the evolution of mobile device usage, (b) the concept of “blended threats” (p. 98), (c) recommendations for safe usage, (d) security solutions, and (e) safety standards and regulations. According to a 2011 International Data Corporation report, smartphone sales outpaced personal DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 48   computer sales for the first time (International Data Corporation, 2011). The authors assert that users who use their mobile devices for both work and personal needs put both their personal information as well as their employer’s business information potentially at risk due to (a) device theft, (b) lack of user education to properly secure their mobile device, and (c) lack of planning and implementation by IT organizations to appropriately protect against mobile device security threats. A mobile device can become susceptible to a blend of threats due to the ability to connect to multiple networks simultaneously, such as an organization’s data network and the Internet. In order to preserve the security of the user’s and organization’s information, the authors recommend the following points for mobile device users: (a) while using a mobile device to connect to an organization’s information system, disconnect the device’s connection to the Internet. This measure ensures the device’s network connection is isolated to only the organization’s information system; (b) keep system software updated or upgraded, both on the user’s mobile device as well as an on the organization’s information system; (c) implement secure certificates when user authentication is necessary on an organization’s information system; and (d) implement data encryption and decryption on the organization’s information system. Markelj and Bernik recommend that an organization should consider the following points when devising safety regulations: (a) better information security can be achieved if an organization defines its own safety standards and regulations; (b) safety regulations are a control factor, functioning as preventive measures in cases of irresponsible usage of mobile devices in the work environment; (c) safety DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 49   regulations define how and why mobile devices and software can be used; and (d) safety regulations define legal responsibilities of the user and the organization if damages arise from irresponsible usage of mobile devices. Subramanian, L., Maguire, G. Q., & Stephanow, P. (2011). An architecture to provide cloud based security services for smartphones. Retrieved from: http://141.12.72.110/wp-content/uploads/2012/01/An-Architecture-To-Provide- Cloud-Based-Security-Services-For-Smartphones.pdf Abstract. Smartphones offer functionalities to end users which were formerly only provided by personal computers. However, the adaptation of technologies enabling these functionalities also inherited the vulnerabilities of these technologies. To enable smartphones to address these threats, appropriate security measures have to be identified and implemented. Another technology which has recently gained popularity is cloud computing. Due to the resource constraints of smartphones, realizing security services for smartphones in the form of cloud services seem to be a natural fit. This paper proposes a generic architecture for providing security services in the cloud for smartphones within a corporate environment. Preliminary results of experimental performance and battery measurements are presented supporting the core idea of the architecture to offload computationally expensive security functions from smartphones to resource rich cloud environments. Credibility. Lakshmi Subramanian and Gerald Q. Maguire, Jr. are both professors at the School of Information and Communication Technology at the Royal Institute of Technology in Stockholm, Sweden. Phillip Stephanow was the DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 50   former head of the Secure Services and Quality Testing division at the Fraunhofer Research Institution for Applied and Integrated Security (AISEC) in Munich, Germany. The references cited in this article include a variety of peer-reviewed journal articles, conference proceedings, and industry research websites. The reference was downloaded from a server that is hosted by Fraunhofer AISEC. This is a refereed conference paper, delivered at the 27th Meeting of the Wireless World Research Forum (WWRF), held in Dusseldorf, Germany, in October, 2011. Summary. This article seeks to resolve the security vulnerabilities present in the functionality of smartphones by implementing an architecture for security services in the cloud within an organizational work environment. The authors define a taxonomy for smartphone security that starts with three main categories: (a) threats, (b) infection channels, and (c) security functions. Under each of these three categories are five subcategories. Five threats are defined as (a) denial-of- service (DoS), (b) information theft, (c) theft-of-service, (d) spam, and (e) malware. Five infection channels are defined as (a) Bluetooth connections, (b) short message service (SMS) or multimedia message service (MMS) connections, (c) Internet connections, (d) connections to removal media, and (e) connections to other devices. Five security functions are defined as (a) encryption, (b) digital signatures, (c) anti-virus, (d) anti-theft, and (e) authentication. The authors propose a Security as a Service (SecaaS) architecture, which is a generic security architecture for all smartphone platforms, enabling cloud-based services for smartphones. The basic idea behind the proposal is to create a cloned replica of DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 51   the smartphone in the cloud which can be regularly synchronized and used by the smartphone user while working on an organization’s information system instead of using the smartphone’s local services. Under this model, an IT organization can implement control mechanisms for each user’s virtualized replica. Security functions are implemented on the cloned replicas in the cloud, including (a) anti- virus scanning, (b) secure browsing, (c) OS integrity checks, (d) policy control, and (e) secure storage. The authors state that (a) technical feasibility, and (b) practicability of smartphone replication in the cloud need to be examined. Thomson, G. (2012). BYOD: Enabling the chaos. Network Security, 2, 5-8. doi: 10.1016/S1353-4858(12)70013-2 Abstract. Trends such as the influx of consumer devices into the workplace will require more flexible and creative solutions from IT staff for maintaining security while enabling access to collaborative technologies. Given the desire of workers to bring the devices they use at home into the workplace, enterprises need to adopt a ‘bring your own device’ (BYOD) vision – that is, securing the network and data regardless of how workers access information. Credibility. Gordon Thomson is the Head of Security Sales, EMEAR (Europe, Middle East, Africa, and Russia) for Cisco Systems, based in the United Kingdom. The article was published in Network Security, a monthly journal published by Elsevier containing peer-reviewed, full-text articles on data networking vulnerabilities and solutions, data recovery, international developments, and case studies. Summary. This article seeks to inform and motivate IT leaders to consider DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 52   security solutions that enable the desire of workers to bring their own devices from home into the workplace. Thomson believes that enabling users to leverage their personally-owned mobile devices for work purposes will create a competitive advantage for the organization. The author argues that today’s millennial workers expect to be able to integrate their personal devices in the workplace and enable their ability to work from wherever, whenever. Thomson refers to Cisco’s ConnectedWorld Technology Report to make three key points regarding the expectations of young professionals: (a) three in 10 young professionals globally admit that the absence of remote access in the workplace would influence their job decision, (b) nearly two in three college students expect that, when they are in the workforce, they will be able to access their employer’s network using their personal computing devices, and (c) 71% of college students share the view that employer-issued devices should be available for both work and play because work time blends with personal time (Cisco Systems, 2011). Additionally, Thomson argues that access to social media and technology freedom of choice will become make-or-break benefits for young workers considering where to start their careers. According to the same Cisco report, the author supports his argument with the following three points: (a) three out of four employees surveyed believe their organization should allow them to access social media and personal websites with their work-issued device; (b) 40% of college students said they would break an organization’s social media rules; (c) 29% of college students said they would decline a job offer from an organization that did not allow them to access social media during working hours, and of those who would accept of job, only 30% said DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 53   they would abide by the stated policies. User Education and BYOD This theme discusses the factors involved in user education for personal mobile device usage within an institution. Factors involved in user education include (a) social media usage, (b) personally identifiable information, (c) strong passwords, and (d) privacy settings (Wittman, 2011). Dobbin, G., Dahlstrom, E., & Sheehan, M. C. (2011). The ECAR study of mobile IT in higher education, 2011. Retrieved from: http://net.educause.edu/ir/library/pdf/ERS1104/ERS1104.pdf Abstract. Discussion about mobile IT in higher education is ubiquitous, but attaining benefits of mobility does not come easily. The ECAR mobile IT study gathered quantitative and qualitative data from a representative sample of 209 higher education institutions. Most respondents to ECAR's 2011 study report little progress in making institutional services, applications, and websites accessible on mobile devices. The average respondent institution has enabled only a few services for mobile access. Institutions that have invested more money and those that have larger numbers of staff assigned to mobile-enablement initiatives show greater progress. Mobile enablement of student-facing services has taken highest priority to date, and we see considerably more mobile progress in areas that are given higher priority. Development strategies for mobile computing include mobile web, native apps, and mobile frameworks. Institutions pursuing a portfolio DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 54   approach to mobility—using different development strategies for different services—show greater progress in deploying mobile services. Credibility. Gregory Dobbin has a Masters degree in English and is an Editor and Project Manager at Educause, a non-profit association whose mission is to advance higher education by promoting the intelligent use of information technology. Eden Dahlstrom has an EdD from the University of Southern California and is a Senior Research Analyst for Educause. Mark Sheehan was the Executive Director for Information Services and Chief Technology Officer for the Montana State University flagship campus in Bozeman, Montana. In addition, Sheehan served as a Senior Research Analyst for Educause and was appointed a Fellow of the Educause Center for Applied Research (ECAR). This ECAR study is published by Educause, a nonprofit association whose mission is to advance higher education by promoting the intelligent use of information technology. Summary. This study seeks to inform IT leaders in higher education on the subject of mobile IT by providing the results to a survey conducted by the authors covering three main topics: (a) respondent demographics, (b) mobile activity today, and (c) mobile development planning. Two hundred and nine respondents from over 900 colleges and universities participated. According to the student respondents, 87% owned a laptop and 55% owned a smartphone. Of those smartphone owners, 92% use them to send or receive text messages or take photos, and more than 50% used them for a variety of functions, including email, recording video, playing games, playing music, and accessing social networking sites. The study also shows that more than 50% of the college presidents DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 55   surveyed owned an iPhone. For those respondents whose institutions have clear goals for mobile device enablement, three key points play into an overall plan to achieve these goals: (a) identifying a leader of mobile enablement, (b) developing a strategy, and (c) foster collaborations. For the majority of institutions that participated, central IT led the movement and was primarily responsible for setting the direction for mobile enablement. Wittman, A. (2011). BYOD? First get serious about data security. Information Week 1316, 46. Retrieved from: http://global.factiva.com/aa/?ref=IWK0000020111114e7be0000a&pp=1&fcpil =en&napc=S&sa_from= Abstract. The article discusses ways on how information technology (IT) teams manage devices they do not own. It suggests on keeping data protected at its native-use level through putting a password, encrypting, and making anonymized version easily available. It also stresses that IT should educate their users. It states that users should be aware of the ways they can access and use data safely, and how they can protect sensitive information. Credibility. Art Wittman is the director of InformationWeek Reports where he oversees the business and content of InformationWeek’s research and reports business. Prior to working in IT journalism, he was the associate director of the computer-aided engineering center at the University of Wisconsin, Madison. InformationWeek Reports publishes peer-reviewed articles, research reports, and best practice guidebooks for subscribers on a wide range of information DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 56   technology topics, including benchmark surveys, government policy compliance, analysis, and case studies. Summary. This article seeks to inform small-to-medium sized organizations on ways to harness the upside of BYOD in the workplace while managing associated risks. The four strategies presented by the author are: (a) employee education, (b) technology use policy, (c) data segregation, and (d) the social factor. The author asserts that employers should organize periodic training so that employees clearly understand the appropriate and inappropriate uses of their personal devices. These trainings should include (a) social media usage, (b) personally identifiable information, (c) strong passwords, and (d) attention to privacy settings. Wittman also asserts that creating a policy around what is and isn’t acceptable usage by employees’ personal mobile devices needs to be addressed, as well as the employee’s responsibilities for retaining and storing data. The purpose for segregating personal and work-related data on a mobile device is discussed. The author argues that organizations should provision storage space for employees to back up their work-related data and to keep their personal data out. Finally, Wittman warns of the danger of social media and the ease with which the professional and private life of an employee can blend. Wittman argues that when the blending of professional and private life happen, an employee’s posts become subject to scrutiny by their employer. Yarmey, K. (2011). Student information literacy in the mobile environment. Educause Quarterly Magazine, 34(1). Retrieved from: DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 57   http://www.educause.edu/EDUCAUSE+Quarterly/EDUCAUSEQuarterlyMagazineV olum/StudentInformationLiteracyinth/225860 Abstract: Keeping up with today's rapid technological changes reveals itself vividly in the changing ways people attempt to gather information. This article describes a survey conducted by the Weinberg Memorial Library at the University of Scranton which analyzed the information retrieval strategies employed by a cohort of undergraduate students. The Scranton Smartphone Survey focused on three critical areas of information literacy among students as defined by the Association of College & Research Libraries' (ACRL) Standards: (a) Searching for information effectively; (b) Critical evaluation of information; and (c) Incorporation of new information into one's knowledge base. The Scranton Smartphone Survey yielded some interesting results both in terms of technological advancement and reliance on traditional standards. Two outcomes stand out: (a) Those using the most user-friendly and interactive of the Internet- capable devices--the iPhone and Android--identified themselves as heralds of future behavior for the larger student body; and (b) In spite of the innovations, most students remain attuned to the need to evaluate the reliability of their sources. Credibility. Kristen Yarmey has a Masters degree in library science from the University of Maryland and serves as an Assistant Professor and Digital Services Librarian at the University of Scranton in Scranton Pennsylvania. The Educause Quarterly Magazine is an online, peer-reviewed, practitioner’s journal from Educause about managing and using information resources in higher education. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 58   The references cited by this article include a variety of research reports and peer- reviewed articles. Summary. This article seeks to provide deeper insight into postsecondary student information literacy with smartphones. The author conducted an electronic survey on smartphone usage to a random sample of 832 undergraduate students at the University of Scranton. There were 333 respondents. The survey findings are broken down into five categories: (a) phone ownership, (b) the academic use of smartphones, (c) searching for information on smartphones, (d) evaluating information on smartphones, and (e) converting information into knowledge on smartphones. Of the respondents, 69% reported owning a smartphone. The author’s report attempted to delve further into the common perception that students think of their smartphones as primarily for communication and entertainment purposes. The findings showed that a majority of respondents use their devices for academic purposes, such as using a (a) calculator; (b) unit conversion tool; (c) dictionary; or (d) subject-specific apps, such as a periodic table or guide to Shakespeare. Furthermore, the report found that a majority of respondents would be willing to pay up to five dollars for an educational app that could help with academic coursework. Information searching on a smartphone was a highly common feature, with 98% of respondents reporting the use of information searches. However, evaluating information on a smartphone was not common, with fewer than 10% of respondents reporting the use of their smartphone to evaluate content. The author reasoned that loading webpages on a smartphone and evaluating content is a time- DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 59   consuming process. Finally, the report found that for the majority of respondents, the smartphone was regarded as a backup to their laptop or desktop computer when it came to reading online. However, 92% of the respondents felt that they could focus their attention while reading on their smartphone. The author asserted that the report may have created more questions than answers, but felt it provided a starting point for future research of student use of smartphones in higher education. Young, J. R. (2011). Top smartphone apps to improve teaching, research, and your life. Education Digest, 76(9), 12-15. Retrieved from http://content.ebscohost.com/ContentServer.asp?T=P&P=AN&K=60226894&S=R& D=aph&EbscoContent=dGJyMNHX8kSeqLY4v%2BbwOLCmr0qep7RSsKi4SrOW xWXS&ContentCustomer=dGJyMPGuslGwrbVNuePfgeyx34vu Abstract. Not long ago, it seemed absurd for academics to carry around a computer, camera, and GPS device everywhere they went. Actually, it still seems absurd. But many professors (and administrators) now do just that in the form of all-in-one devices. Smartphones or tablet computers combine many functions in a hand-held gadget, and some users are discovering clever ways to teach and do research with the ubiquitous machines. Some of the most innovative applications for hand-held devices have come from professors working on their own. They adapt popular smartphone software to the classroom setting, or even write their own code. The author asked about the areas in which professors and college officials are making the most of their mobile devices. In this paper, he shares the DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 60   scenarios that people mentioned most often and the apps in each category that got users' highest marks. Credibility. Jeffrey Young has a Masters degree in communication, culture, and technology from Georgetown University in Washington D.C. and is a senior editor for the Chronicle of Higher Education, an information source on news for college and university faculty members and administrators. In 2007, the Chronicle was ranked in the 10 most credible news sources by Erdos & Morgan, a widely used survey of thought leaders in the United States. Education Digest is a subscription online magazine, with a stated mission to raise the level of awareness and understanding among educators and the public of important current issues in education. Summary. This article seeks to expose some of the top smartphone apps used by higher education instructors and describe their applied use. The author describes several microapps used to support various functions of pedagogy by instructors in higher education, including (a) taking attendance, (b) collecting data, (c) reading scholarly articles, (d) recording notes, (e) using textbook tools, and (f) planning lectures. David M. Reed, a professor of computer science at Capital University in Ohio, created a microapp he named, “Attendance” (p. 13), which uses virtual flashcards to help instructors learn the names of their students. The app sells for $4.99 in Apple’s app store, and has brought in earnings of more than $20,000 for Reed. Another professor at the University of California, Davis, led a research team to build an iPhone app that allows citizen scientists to participate in researching the location and details of roadkill. Dropbox’s microapp was DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 61   mentioned by the author as a commonly used utility by faculty for keeping track of course documents between multiple devices. Another useful function is the smartphone’s built-in digital camera which the author reports is commonly used by faculty for documenting whiteboard notes after an in-class lecture. Publishers are also increasingly offering apps to read e-textbooks on mobile devices. Finally, the author mentions the increasing popularity of mind-mapping software on multi-touch screen mobile devices. Mobile Learning and BYOD This theme discusses the factors involved in learning with a personal mobile device. Factors involved in mobile learning within this context include (a) student readiness, (b) ease of access, (c) quality of service, (d) extrinsic influences, and (e) institutional commitment (Akour, 2009). Akour, H. (2009). Determinants of mobile learning acceptance: An empirical investigation in higher education. Retrieved from ProQuest Abstract. Scope and method of study: The purpose of this study was to investigate the determinants of mobile learning acceptance in higher education. Mobile learning is a rapidly growing method of learning that utilizes mobile devices to deliver content. Acceptance of mobile learning theory was derived from technology acceptance theories. The study developed a new model Mobile Learning Acceptance Model (MLAM) that extended the Technology Acceptance Model (TAM). The model explains the important factors that influence acceptance of mobile learning among university students. The population of the survey was DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 62   limited to freshman students; this population was chosen because the literature indicated a presence of large technology literacy gap (techno-literacy gap) between universities and the new generation of students. Response rate was high at approximately 95%. The survey was administered to different freshman leadership classes as well as a freshman orientation camp. The survey instrument was developed based on the literature and past research. The constructs developed and investigated are: student readiness (self efficacy and commitment), ease of access (convenience), quality of service (content quality, reliability and response, personalization, and privacy and security), extrinsic influence (superior influence and peer influence), university commitment (university support), and the TAM constructs of usefulness, ease of use, attitude, and behavioral intention. Findings and conclusions: The research study concluded that all hypothesized relations in the MLAM model were supported and influence student's acceptance of mobile learning indirectly through usefulness and ease of use. Ease of access was excluded for its mediation effects on ease of use. Quality of service influenced ease of use directly and usefulness indirectly. Usefulness was the stronger predictor of acceptance through its direct and indirect influence on behavioral intention to use (primary predictor of acceptance and use). Extrinsic influence and student readiness were found to be the most influential factors in the model. Tests conducted along the group levels revealed that prior experience has significant affect on acceptance of mobile learning by students. Students who used their device for learning in the past had stronger perceptions of usefulness of mobile learning additionally their behavioral intention to use was stronger. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 63   Credibility. Hassan Akour has a PhD in philosophy from Oklahoma State University. This dissertation was reviewed by a panel of four professors at Oklahoma State University, as well as the university’s dean of the graduate college. This dissertation was published by ProQuest, a company whose mission is to deliver complete and trustworthy information. ProQuest has been publishing dissertations, news, governmental, and cultural archives for over 70 years. The references cited by this dissertation include a variety of peer-reviewed articles, research websites, reports, and conference proceedings. Summary. This doctorate dissertation seeks to answer the following research questions: (a) what are the factors that determine student acceptance of mobile learning?, (b) which factors are the most important or have the most influence on student acceptance of mobile learning?, and (c) how does mobile learning acceptance compare across student groups? The focus of this study is on students in higher education and seeks to give higher education administrators the facility to understand the factors that influence student acceptance of mobile learning. The research in this study is based on a survey conducted with the 3,054 students comprising Oklahoma State University (OSU) freshmen class starting in Fall 2008 at OSU’s freshmen orientation camp. Key findings show that a majority of students felt positively about m-Learning and that it’s a form of learning that should be embraced. However, 26% expressed concerns about m-Learning replacing the interpersonal interactions between student, faculty, and the university, and the learning process becoming too dependent on technology. Another key finding is the potential benefits that m-Learning could provide for DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 64   students with disabilities. The results of this study suggest that the external factors of (a) student readiness, (b) quality of service, (c) extrinsic influences, and (d) university commitment are all determinants of mobile learning acceptance. Crisp, C. B. & Williams, M. L. (2009). Mobile device selection in higher education: iPhone versus iPod touch. Retrieved from http://www.acu.edu/technology/mobilelearning/documents/research/crisp/mobile- device-selection.pdf Abstract. Mobile devices are rapidly becoming the most common interface for accessing network resources (Hall, 2008). By 2015 the average 18-year old will spend the majority of their computing time on mobile devices (Basso, 2009). These trends directly affect institutions of higher learning. Many universities are offering learning initiatives and m-services designed to distribute content and services to mobile devices. In this chapter, we report findings from an exploratory, longitudinal study at iUniversity, where incoming freshmen received their choice of an Apple iPhone or iPod touch. Our findings indicate that users' device selections were affected by their perceptions of the costs of the devices, the devices' relative characteristics, and the social influence of parents. We also found that users' attitude, satisfaction, and confidence about their device selection varied across devices, with iPhone users having more favorable perceptions. The chapter concludes with recommendations for mobile learning initiatives and directions for future research. Credibility. Brad Crisp has a PhD in information systems and a Masters degree in change management. He is an Associate Professor and Director of the School of DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 65   Information Technology and Computing at Abilene Christian University. Michael Williams has a PhD and is an Assistant Professor of information systems at the Graziadio School of Business and Management at Pepperdine University. The article was published online by Abilene Christian University and is hosted on the institution’s public website. The references cited in this article include a variety of peer-reviewed articles, and reports published by the Educause Center for Applied Research (ECAR). Summary. This study seeks to expose the factors that would influence higher education students to (a) choose an iPhone or iPod touch if given the choice of a free device by the institution, and (b) the consequences this choice has on various student outcomes. The three key factors that were found to influence the decision on which mobile device to select were (a) perceived costs, including services and maintenance; (b) perceptions of device characteristics, including usefulness, ease- of-use, and enjoyment; and (c) social influence, including expectations of parents, peers, and faculty. Student outcomes based on the device selected included (a) the student’s attitude toward using the device as part of the college experience, (b) device satisfaction, and (c) decision confidence. The findings based on these factors found that those students who selected the iPhone over the iPod touch were more satisfied with their decision and had a more positive attitude towards the device. Those students who selected the iPod touch were less confident in their decision and were conflicted about their choice. Perceptions of the higher cost to operate an iPhone discouraged iPhone adoption while social influences and perceptions of the iPhone’s increased utility, ease-of-use, and enjoyment favored DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 66   iPhone adoption. The authors introduce the notion of a “cycle of utility” (p. 9) for mobile devices, where users find the utility of a device is amplified by its ongoing integration into existing practices. These findings indicate that the success of a mobile learning initiative is influenced by users’ perceptions of the device and its costs. The authors recommend that higher education institutions should prepare pre-implementation interventions designed to lay the groundwork for effective mobile services and mobile learning, as well as post-implementation interventions to gain user commitment to the initiatives. Hloden, O. (2010). Mobile learning anytime, anywhere. Bioscience, 60(9), 682. doi: 10.1525/bio.2010.60.9.4 Abstract. Some educational institutions are taking the leap to mobile learning (m- Learning) by giving out free iPods. For example, Abilene Christian University gave iPods or iPhones to freshman students and developed 15 Web applications specifically for the mobile devices. The iPod is not the only ubiquitous m-Learning device. Any technology that connects to wireless or mobile phone networks can be used. M-Learning should be familiar territory in many ways. Educators have already discovered the value of e-learning, which has extended education beyond the classroom. And institutions that offer distance education courseware have acquired the technological know-how of connectivity and digital content distribution. Most people are comfortable using digital or Web-based resources to support learning, and many teachers and instructors are skilled at creating modules for custom learning. M-Learning takes what one already knows to the next level. The potential of m-Learning is growing and its new resources continue to be DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 67   developed. Credibility. Oksana Hloden is the Editor-in-chief of ActionBioscience.org, an education resource of the American Institute of Biological Sciences. The article is published by Bioscience, a peer-reviewed monthly journal with content written and edited for accessibility to researchers, educators, and students on education, public policy, history, and the conceptual underpinnings of the biological sciences. Summary. This article seeks to inform educators on the ongoing adoption of m- Learning throughout higher education. The author provides several examples of how m-Learning is being implemented, including (a) California State University’s use of personal mobile devices for instruction to connect field archaeologists with global positioning and geographic information systems software while on field trips; (b) the University of North Carolina, Wilmington’s development of science and mathematics education software for mobile devices as part of their curriculum; (c) Eastern Washington University’s use of mobile device software to conduct assessments, quizzes, and surveys for blended delivery; and (d) the creation and development of a library of mobile device microapps at the University of Athabasca in Canada. The author argues that students already know how to use mobile technology and that it’s up to teachers to add academic value to these tools. The author refers to a 2008 Pew Internet and American Life Project survey which reported that 77% of teens owned a game console, 74% owned an iPod or MP3 player, 71% owned a cell phone, and 60% had a desktop or laptop computer. Lippincott, J. K. (2010). A mobile future for academic libraries. Reference Service Review, 38(2), 205-213. doi: 10.1108/00907321011044981 DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 68   Abstract. Society may be on the verge of a revolutionary phase of mobile device use in higher education generally and in libraries in particular. This paper seeks to address this issue. Through an examination of trends and technological developments in the area of mobile devices and a review of the potential of mobile devices, the paper analyzes the potential of mobile devices in academic libraries. Most college students own cell phones and laptops and the capabilities of these and other devices are expanding. Libraries have the opportunity to extend new types of services to users of mobile devices and to develop, license, or otherwise make available scholarly content that is configured for mobile devices. Ideally, libraries will become part of an institutional planning process for the development of services for mobile devices. The more pervasive use by students of smartphones, the uptake of e-book readers, and the increasing use of mobile devices in some areas of the curriculum all have implications for libraries. Some writers in this area believe that the increased capabilities of mobile devices could lead to new forms of engagement with student learning; this possibility can be embraced by academic libraries that seek to be strong partners in the teaching and learning process of their institution. The paper synthesizes developments and provides suggestions for the future. Credibility. Joan K. Lippincott has a PhD in higher education policy, planning, and administration from the University of Maryland. She is the Associate Executive Director of the Coalition for Networked Information (CNI), a joint program of the Association of Research Libraries (ARL) and Educause. CNI is an institutional membership organization that advances the transformative DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 69   promise of networked information technology for the advancement of scholarly communication and the enrichment of intellectual productivity. Summary. This paper seeks to address the potential impact of smartphone use in higher education in general, and libraries in particular. The author argues that the smartphone can provide capabilities that are similar to laptop computers, including (a) voice and video calling, (b) sending and receiving email, (c) text messaging, (c) searching the Internet, (d) searching databases of scholarly information, (e) organizing citations, (f) accessing a course management system, (g) reading or listening to books and articles, (h) taking photos, (i) playing videos, (j) making videos, (k) setting an alarm clock, (l) using a global positioning satellite (GPS) navigation system, and (m) playing games. A number of trends are mentioned that serve as further evidence of the penetration of smartphones on today’s college campuses, including (a) the accessibility of E-book content, (b) the capability to use mobile phones for payments of goods and services, and (c) the capability of smartphones to not only access information but to capture and share it. Lippincott states her belief that student use of mobile devices in higher education correlates to their major area of study. For example, some departments or colleges, such as health sciences, business, or journalism may integrate the use of mobile devices and applications into the curriculum more quickly than others. The reputation of academic libraries as slow adopters of new technology is discussed. The author states that the rapid of adoption of mobile devices is presenting both challenges and opportunities for academic libraries, as they consider strategies that leverage adoption among users. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 70   Motiwalla, L. F. (2007). Mobile learning: A framework and evaluation. Computers & Education, 49(3), 581-596. doi: 10.1016/j.compedu.2005.10.011 Abstract. Wireless data communications in form of Short Message Service (SMS) and Wireless Access Protocols (WAP) browsers have gained global popularity, yet, not much has been done to extend the usage of these devices in electronic learning (e-learning). This project explores the extension of e-learning into wireless/handheld (W/H) computing devices with the help of a mobile learning (m-Learning) framework. This framework provides the requirements to develop m-Learning applications that can be used to complement classroom or distance learning. A prototype application was developed to link W/H devices to three course websites. The m-Learning applications were pilot-tested for two semesters with a total of 63 students from undergraduate and graduate courses at our university. The students used the m-Learning environment with a variety of W/H devices and reported their experiences through a survey and interviews at the end of the semester. The results from this exploratory study provide a better understanding on the role of mobile technology in higher education. Credibility. Luvai Motiwalla has a Masters degree and a PhD in management information systems from the University of Arizona and is the professor of management information systems at the University of Massachusetts Lowell in the operations and management information systems department. The references cited in this article include a variety of peer-reviewed journal articles, reports, and conference proceedings. The article is published in Computers & Education, an international journal of peer-reviewed works. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 71   Summary. This article seeks to propose and demonstrate how learning can be extended to wireless handheld devices through a mobile learning framework. The author presents examples of the advantages that m-Learning offers and how it has evolved globally in higher education, including (a) the ability to utilize spare time while traveling to finish homework or lesson preparation; (b) the ability to provide continuous two-way conversations and interactions between the teacher and learner, as well as learner to learner; (c) the ability to communicate asynchronously; (d) the ability to use SMS messaging for sharing ideas on discussion topics in class; (e) the ability to create mobile tools to enable learning and communication between a higher education institution and its students, faculty, and staff. The author proposes a mobile learning framework comprised for two levels, (a) mobile connectivity, which focuses on the applications and technology used by commercial establishments to extend electronic commerce; and (b) e-learning, which focuses on the use of the Internet and other information and communication technology. The author states that the power of m-Learning technology can be leveraged by complimenting existing courses with value-added features such as alerts, personalized agents, communication aids, and access to interaction or discussion utilities that help users convert their dead time to productive time while in transit. Simultaneously, Motiwalla states some consequences to the use of mobile technologies by learners, including information and interaction overload due to the ability of being connected anytime and anywhere. New Media Consortium. (2012). The NMC Horizon Report: 2012 Higher Education DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 72   Edition. Austin, Texas: The New Media Consortium. Abstract. Each of the three global editions of the NMC Horizon Report — higher education, primary and secondary education, and museum education — highlights six emerging technologies or practices that are likely to enter mainstream use with their focus sectors within three adoption horizons over the next five years. Key trends and challenges that will affect current practice over the same period frame these discussions. Over the course of just a few weeks in the late fall of 2011, the advisory board came to a consensus about the six topics that appear in the NMC Horizon Report: 2012 Higher Education Edition. The examples and readings under each topic area are meant to provide practical models as well as access to more detailed information. The precise research methodology employed is detailed in the closing section of this report. Credibility. The New Media Consortium (NMC) is an international community of experts in educational technology. Since 2002, the NMC Horizon Report provides insight into the technologies that are most likely to make a significant impact in higher education, K-12, and museum communities based on the consensus opinions of the self-nominated advisory board. The 2012 Horizon Report advisory board for the higher education edition consists of 47 professionals from around the globe, including technologists, educators, and futurists from education, business, and industry. The report is published by the NMC and made available on the NMC website. The 2012 NMC Horizon Project was co-led by two principal investigators, Larry Johnson, the CEO of NMC, and Malcolm Brown, Director of the Educause Learning Initiative (ELI). DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 73   Summary. This report presents six technologies to watch that are placed in three adoption timeframes according to their forecasted entrance into mainstream use of teaching, learning, and creative inquiry. Timeframes include near-term, mid- term, and far-term. For the near-term timeframe, that is, within the next 12 months, the two topics are (a) mobile apps, and (b) tablet computing. The advisory board regards mobile apps as the fastest growing dimension of mobile space in higher education, with impacts on virtually every aspect of life, and increasingly, every discipline in the university. Tablet computing presents new opportunities to enhance learning experiences, including the use of high-resolution screens for viewing images and video, and being less disruptive than smartphones while simultaneously being able to tap into all of the advantages that mobile apps bring to smaller devices. For the mid-term timeframe, that is, in two to three years, the two topics are (a) game-based learning, and (b) learning analytics. Game-based learning has grown as research continues to demonstrate its effectiveness for learning, including fostering collaboration and engaging students in the process of learning. Learning analytics aims to mobilize the power of data mining tools in the service of learning, embracing the complexity, diversity, and abundance of information that dynamic learning environments can generate. Finally, for the far-term timeframe, that is, in four to five years, the two topics are (a) gesture-based computing, and (b) the Internet of Things. Gesture-based computing moves the control of computers from a mouse and keyboard to motions of the body, facial expressions, and voice recognition via emerging input DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 74   devices. This includes multi-touch screens of smartphones to voice interpretation software present in current gaming systems, such as Xbox Kinect and Nintendo Wii. The Internet of Things refers to the concept that objects, from lab equipment to refrigerators, can be enabled with unique identifiers and software that allow a user to access information about that object, including its age, shelf life, and environmental data, including temperature and humidity. The 47 advisory board members engaged in a comprehensive review and analysis of research, articles, and papers. Norris, C. A. & Soloway, E. (2011). Learning and schooling in the age of mobilism. Educational Technologies, 51 (6), 3-10. Retrieved from http://cecs5580.pbworks.com/w/file/fetch/50304204/Soloway%20Ed%20Tech- Learning%20and%20Schooling%20in%20the%20Age%20of%20Mobilism.pdf Abstract. Speeding past the Steve Jobs Post-PC Era into the Age of Mobilism, the authors foresee how, by 2015, each and every student in America’s K–12 classrooms will be using their own mobile computing device, with those devices engendering the most disruptive transformation in education in 150 years. Classrooms will move from today’s “I Teach” teacher-centric and, by and large, ineffective and boring pedagogy to a “We Learn” pedagogy where the teacher learns along with the students, mastering content and practicing the key 21st century skills. Credibility. Cathleen A. Norris has a PhD in philosophy and is a regents professor in the College of Education at the University of North Texas. Elliot Soloway has a PhD and is a professor at the University of Michigan with DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 75   appointments in the Department of Electrical Engineering and Computer Science, the School of Education, and the School of Information. The references cited in this article include a variety of peer-reviewed articles, reports, and industry news websites. This paper is available on Cathleen Norris’s course management page for a course titled, CECS 5580 Readings Seminar in Computer Education and Cognitive Systems at the University of North Texas. Summary. This article seeks to explore the opportunity for learning and schooling that is engendered by the Age of Mobilism. The authors present three main topics in exploring this opportunity: (a) the defining characteristics of the Age of Mobilism, (b) evidence to support the claim that the appellation “Age of Mobilism” (p. 3) is warranted, and (c) what happens when each student in a classroom has their own mobile learning device? According to Norris and Soloway, the defining characteristics of the Age of Mobilism include (a) connecting people all the time, everywhere; (b) affordability of handheld mobile devices, and (c) the global interest in mobile computing. The authors state that from 1995 to 2008, desktop computer sales dominated, until in 2008, when laptop sales surpassed desktop sales. According to an IDC report, in February 2011, 4th quarter smartphone sales in 2010 surpassed global PC shipments for the first time in history (International Data Corporation, 2011). By 2014, the report forecasts that mobile web users will outpace desktop web users. Finally, the authors state that a shift from an “I teach” (p. 7) pedagogy, where the teacher and textbook provide students with content and skills they need to master, to a “we learn” (p. 7) pedagogy where the teacher’s role is transformed from the giver of information to DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 76   the director of learning. In a “we learn” pedagogy, the mobile device affords the opportunity by which students can gain direct access to all manner of content as well as manipulate and create content. In the author’s opinion, the device that the majority of students will bring into the classroom under a BYOD mandate will be a smartphone and not a tablet due to the higher cost of the tablet, the connectedness offered by the phone, and the size. Sharples, M., Taylor, J., & Vavoula, G. (2010). A theory of learning for the mobile age: Learning through conversation and exploration across contexts. Medienbildung in Neuen Kulturraumen (pp. 87-99). doi: 10.1007/978-3-531-92133-4_6 Abstract. Most adults and adolescents in developed countries now own mobile phones and media devices, and for many people in developing countries a mobile phone can offer the only means of sending long distance messages. In a parallel development to the spread of personal technology, since the early 1980s schools, colleges and universities have experimented with handheld technology for learning, including classroom response systems, data probes, and handheld writing tools. Universities allow students to bring laptop computers to lectures and some schools are now providing pupils with Personal Digital Assistants and tablet computers. As personal mobile technologies for learning become more widespread, studies are starting to show evidence of the value of incorporating mobile devices in teaching and learning and also substantial issues, including conflicts between informal learning with personal devices and traditional classroom education (Sharples, 2007). Children are developing new skills and literacies enabled by mobile devices, such as SMS texting, moblogging (writing diaries and weblogs on mobile devices) DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 77   and mobile video creation. A new generation of location-aware mobile phones will offer further possibilities, of education services and educational media matched to the learner's context and interests. Credibility. Mike Sharples has a PhD from the University of Edinburgh and is a professor and chair of the Institute of Educational Technology at the Open University in the United Kingdom. Josie Taylor is a professor and director for the Institute of Educational Technology at the Open University in the United Kingdom. Giasemi Vavoula has a PhD in electronic, electrical, and computer engineering and is an academic fellow in the department of museum studies at the University of Leicester in the United Kingdom. The references cited in this article include a variety of peer-reviewed journal articles, conference proceedings, and reports. The article was published in The Sage Handbook of Elearning Research, a 560-page book including research on the field of e-learning, providing reviews of over 20 areas of e-learning research by field experts. Sage has been a recognized leader in academic publishing since its founding in 1965. Summary. This article seeks to propose a theory of learning for a society of ever- increasing personal and social mobility, with a focus on the communicative interaction between the learner and their technology to advance knowing. The authors state that education in the mobile age doesn’t replace formal education; rather, it offers a way to extend the support of learning outside of the classroom. The authors refer to three areas that comprise a framework for education in the mobile age: (a) learning as a conversation, (b) the creation of a context for learning through continual interaction, and (c) a process of appropriation. The authors refer DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 78   to learning as a conversation, with conversation being the fundamental process by which people become informed of each other’s information. The authors state that mobile technology can provide, enrich, or enable the environment in which conversations take place, though for conversations to have meaning in a mobile world, they must have context. There is also a process of appropriation that happens when people are faced with a new tool to support their learning. This process happens naturally as users examine both the possibilities and the constraints that the technology offers. According to the authors, implications of learning as conversations across contexts does the following: (a) it removes the traditional ground of education as the transmission or construction of knowledge within the constraints set by a curriculum, and (b) it replaces this traditional ground of education with a cybernetic process of learning through continual negotiation and exploration. The authors contend that rather than seeing mobile communication and online communities as a threat to formal education, educators need to explore how learning can be transformed for the mobile age. Suki, N. M., & Suki, N. M. (2011). Using mobile device for learning: From students’ perspective. US-China Education Review, 1, 44-53. Retrieved from http://www.eric.ed.gov/ERICWebPortal/contentdelivery/servlet/ERICServlet?accno= ED522204 Abstract. This study aims to examine students’ acceptance of mobile technology usage for learning. A questionnaire designed with five open-ended questions was distributed to 20 students from the Faculty of Industrial Art and Design Technology of Unisel (Universiti Industri Selangor), Malaysia. Results construe DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 79   that students were not keen on m-Learning (mobile learning), as they did not rely greatly on the mobile phone in assessing their learning materials such as lectures and lab sessions. They were more familiar with studio-based and face-to-face learning approach instead of m-Learning and were not receptive to this new idea of learning using mobile technology, even though they always used the mobile device features. The limitations in the mobile device feature, costs and its usability become the prominent factors that hinder the students from fully accomplishing their m-Learning exercises. They were willing to explore the idea of using mobile technology for learning, especially in a studio-based setting. They did not see any improvement of knowledge from the perspective of the learning process know-how to the show-how on mobile technology usage for learning. They could not relate to any learning connection between mobile technology and studio-based learning, even though in the first part of the case study, the results have shown positive attitude and acceptance on the study made on a sample lesson of form, space and gestalt theory in the graphic design subject. Students also obtained analogous experiences on small size keypads, screen resolutions, and navigation which could be the major problematic factors to them and thus, affected their m-Learning process as it was unfriendly to use and the device was prone to damage. They have yet to accept that the concept of mobility in learning is applicable to the learning process, apart from utilizing a mobile device for casual usage. However, this limitation does not restrict the students from exploring this new learning environment in the future, since they were willing to increase their learning exposure using mobile device. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 80   Credibility. Norazah Mohd Suki has a PhD and is an associate professor at the Labuan School of International Business and Finance at the Universiti Malaysia Sabah. Norbayah Mohd Suki is an instructor at the Labuan School of International Business and Finance and the Universiti Malaysia Sabah. The references cited in this article include a variety of conference proceedings and peer-reviewed journal articles. The article is published in the US-China Education Review, a monthly professional academic journal covering research in higher education, psychology, education management, curriculum, and teaching research. Summary. This article seeks to examine student acceptance of mobile technology usage for learning. The authors conducted a study at the design studio in the Faculty of Industrial Art and Design Technology of Unisel, Malaysia, through a five-question questionnaire with 20 student participants. The participants were comprised of 10 males and 10 females between the ages of 19-20 years old. The first question required the students to provide their opinions on the usage of mobile technology for learning and their reliance on the mobile phone in assessing and delivering their learning material. The responses were divided into four themes: (a) resistance of usage due to difficulty to view information on a small screen, (b) reliance and dependency on face-to-face learning, (c) a limited willingness to adopt mobile technology for learning, and (d) limitation of cost to own and maintain a smartphone. The second question asked the students to provide their opinions on whether a mobile device’s features enhance their knowledge from the perspective of the learning process. The responses were DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 81   divided into two general opinions: (a) some respondents were skeptical about the use of mobile technology to improve their knowledge, and (b) some liked the idea that mobile technology could improve their knowledge. The third question asked the students to provide their opinions on whether m-Learning could enhance their knowledge on subjects that they find difficult to understand. Two general themes came through in the responses: (a) mobile devices are used for casual use, not learning use, and (b) only 30% of the respondents felt that the use of mobile technology in learning could somehow enhance their knowledge on difficult subjects. The fourth question required students to provide their opinions on the usability of the handheld mobile device for learning. The prevailing opinion was that they keypad was challenging to use due to the small size. Also, the viewing and learning experience was not clear enough due to the small scale of the screen resolution. The fifth question attempts to elicit the student’s opinions on whether the mobile phone can replace the function of the university in order to gain knowledge in the future. Two prevailing themes came through in the results: (a) an inverse opinion on mobility in learning, that the mobile phone cannot replace the university and that mobile phones are for fun and communication purposes; and (b) the students preferred face-to-face lecturing as the best media for learning instead of mobile phones. The authors conclude that while mobile phones in the classroom have the potential to increase some negative outcomes and distractions, both students and educators can still benefit from an additional channel of communication. For example, the use of SMS messages in the classroom gave the lecturer a perceived gain of quality and quantity of feedback, and the students DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 82   indicated that the system was useful, interesting, and interactive. Villano, M. (2007). Help on the run. Campus Technology, 21(2), 24-30. Retrieved from http://campustechnology.com/Articles/2007/10/Help-on-the-Run.aspx Abstract. Nowadays, college and university auxiliary services departments are turning to text messaging types of technologies to move a host of programs and offerings into the mobile environment. A July 2007 study by Youth Trends indicated that 95 percent of college freshmen come to school with a cell phone or other handheld device, and 78 percent of them have sent a text message. As these technologies have become increasingly prevalent, institutions have responded accordingly. Today, every school with an eye to the future is investing in mobility. Text messaging, however, seems to be popular for personal matters, but not as an advertising or promotion tool. While there is growing retailer interest in mobile marketing, this tells that retailers need to be relevant to this audience to make it an effective channel to communicate. Students are skeptical about subscribing to text- messaging services because of so many negative experiences being bombarded with junk mail and spam. In order for higher education institutions to move auxiliary services into the mobile environment and make good use of technologies such as short message service (SMS), school officials must understand that no user will tolerate redundant and harassing messaging. Those considering a move into this arena need to formulate a text-messaging strategy that revolves around concise messages, infrequent blasts, and an open invitation to opt out if a service becomes too much. Credibility. Matt Villano is a freelance writer, copywriter, and editor and serves DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 83   as a senior contributing editor for Campus Technology, a monthly publication focusing exclusively on the use of technology across all areas of higher education. Potential stories and articles are “pitched” to a staff editor for approval before publishing. Summary. This article seeks to inform higher education administrators on three examples where SMS messaging is being implemented on college campuses as a way to mass communicate campus-wide memos, promotions, and other institution- related information. The first example profiles New Mexico State University’s (NMSU) use of SMS messaging to send its students special offers for or discounted items through the university’s bookstore via text messaging. NMSU signed a contract with Mobile Campus to facilitate this feature, and students have the option to opt-in to the service. The second example profiles Duke University’s implementation of a process that utilizes mobile handheld devices to manage delivery transactions for the institution’s general store delivery service, enabling students to shop online for food items and arrange for store employees to deliver those items. The third example profiles Arizona State University’s Parking and Transit Services department, who implemented a system that enables its passengers to see where each campus shuttle is and when it will arrive on their personal mobile devices. The author concludes that any institution that’s considering a text messaging strategy should formulate it around three criteria: (a) concise messages, (b) infrequent blasts, and (c) an open invitation for users to opt- out of the service. Vogel, D., Kennedy, D., & Chi-Wai Kwok, R. (2009). Does using mobile device DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 84   applications lead to learning? Journal of Interactive Learning Research, 20(4), 469- 485. Abstract. Assessing the impact on learning of the use of mobile devices and associated applications is a complex challenge. This article reports on progress to date in a longitudinal study using a design research approach with three cohorts of 800 students each. Results are encouraging in terms of learning enhancement through select mobile application by a cadre of students but discouraging in terms of sustained use by the majority of students. Issues raised include student appreciation of deep learning and time management as well as aspects of intrinsic and extrinsic motivation. Results demonstrate the need for integrated, pedagogically driven instruction and institutional efforts. Next steps are presented. Credibility. Doug Vogel has a PhD in business administration and is a professor of information systems at the City University of Hong Kong. David Kennedy has a PhD, is an associate professor at the Lingnan University in Hong Kong, and is the director for the teaching and learning center at Lingnan University. Ron Chi- Wai Kwok has a PhD in information systems and is an Associate Professor at the City University of Hong Kong. The references cited in this article include a variety of peer-reviewed journal articles, industry reports, textbooks, and conference proceedings. The article is published in the Journal of Interactive Learning Research, which publishes peer-reviewed papers related to the theory, design, implementation, effectiveness, and impact on education and training in computer-based learning systems, as well as interactive learning environments. Summary. This article reports on a series of interventions that illustrate limited DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 85   success in exploring the implications of mobile applications in educational contexts. The authors provide a background on learning in educational contexts, in organizational contexts, and with mobile devices as a backdrop to describing a project conducted at the City University of Hong Kong (CityU) that seeks to create a mobile learning environment. The projects seeks to (a) develop and evaluate the use of a range of tools designed to support instructors in their quest to match the student learning outcomes with appropriate activities, assessment and feedback; (b) develop the technical infrastructure that enables instructors and students to collaboratively author activities over a network; (c) develop the technical infrastructure that allows lecturers to monitor student activity and learning outcomes from within the university’s learning management system; and (d) provide advice and support for creating a learning environment supported by mobile technology. In order to evaluate these applications, CityU provided every first-year undergraduate student with a personal digital assistant (PDA) in the fall of 2004. CityU continued with this offering for subsequent entering freshmen classes through 2006. Some notable results of this study include: (a) use of the PDAs for instructional purposes was strong in the beginning of the academic years, but waned in later months of the year; (b) broader use of the PDAs across courses that didn’t require their use did not emerge; (c) faculty development in terms of integrating mobile technology was varied and depended on the faculty member’s personal interest; (d) faculty were generally more engaged in supporting existing pedagogy rather than innovating the curriculum; and (e) administrators in general had not committed to a mobile-oriented, student-centered experience which was DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 86   needed to emerge as an agreed upon vision with the academics. The authors conclude that a future of leveraging mobile technology for learning seems uncertain at this time. According to the authors, embracing the use of mobile technology goes beyond student acceptance of the technology, but also embraces a variety of instructor, pedagogy, and institutional issues and challenges. The authors conclude that the use of mobile technology for learning is a complex problem domain that justifies rich methodological process engaging both further evaluation and theory. Wang, R., Wiesemes, R., & Gibbons, C. (2011). Developing digital fluency through ubiquitous mobile devices: Findings from a small-scale study. Computers & Education, 58(1), 570-578. doi: 10.1016/j.compedu.2011.04.013 Abstract. As part of the Visual Learning Lab’s initiative of promoting visual learning supported through technologies in Higher Education, this VLL-funded study explored part-time mature doctoral students’ use and perceptions of a mobile device in support of their research activities. The study was conducted by the Graduate School in collaboration with the School of Nursing at the University of Nottingham. Six students participated in the study for a period of six months. The methodology was qualitative and included semi-structured exit interviews. By re- analysing the original study (Gibbons, 2009), this paper raises a vital question about what constitutes a meaningful mobile learning experience which takes into account the different biographical and life stage factors. It challenges the ongoing debate on generational issues on uses of mobile or other digital technologies and leads to discussion of the concept of digital fluency with all learners. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 87   Credibility. RuoLan Wang has a PhD in education from the University of Exeter and is a research fellow at the visual learning lab at the University of Nottingham in the United Kingdom. Rolf Wiesemes has a PhD and is a senior research fellow at the visual learning lab at the University of Nottingham in the United Kingdom. Cathy Gibbons has a PhD and is the research development manager for the graduate school of the University of Nottingham. The references cited in this article include a variety of peer-reviewed journal articles, reports, and theses. The article is published in Computers & Education, a journal of peer-reviewed articles on all forms of computing, including hypertext, hypermedia, information systems, networks, and a variety of issues impacting education and technology on college campuses. Summary. The purpose of this article is to report on a small-scale, m-Learning study conducted by the authors in order to explore the presumed benefits of mobile learning for postgraduate student groups. The participants selected in this study include six doctoral research students, 3 female and 3 male, who participated over a period of six months. Each participant was given an HTC Mobile Pocket PC smartphone. An exploration of aspects was covered in the a number of interviews conducted by the authors, including (a) the types of learning materials that each participant accessed, (b) the volume of material accessed, (c) perceived effectiveness of the learning material, (d) uptake of different types of material, (e) time management benefits, and (f) uses of the technology that were unforeseen. Several themes emerged from the analysis, including (a) the mobile device was used as a storage tool to review files and store data; (b) the audio recording DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 88   functionality was used frequently to record thoughts and ideas; (c) hardware limitations of the devices, such as the poor resolution of the built-in camera, led the participants to rely on other devices; and (d) wireless Internet access failures were met with a great deal of disappointment. The authors acknowledge that the technical capability of mobile devices is a crucial factor in developing and sustaining feasible m-Learning. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 89   Conclusion This scholarly annotated bibliography presents and summarizes 29 references, including peer-reviewed articles, reports, theses, and dissertations. References examine four selected aspects of an institution-wide BYOD strategy for higher education: (a) policy, (b) data security, (c) user education, and (d) mobile learning. The purpose of this annotated bibliography is to provide IT leaders in higher education with a set of factors that should be considered when developing an institution-wide BYOD strategy. The rising demand of personally-owned handheld mobile devices, most notably the multi-touch screen smartphone, is a key concept in all of the literature examined in this annotated bibliography. According to an International Data Corporation (IDC) study, smartphone sales surpassed personal computer sales for the first time in 2010 (2011). Furthermore, according to Gartner (2012), worldwide smart phone sales hit 472 million units in 2011, up 58 percent from 2010, and are projected to reach 1.1 billion units by 2015. The reason for this global demand is due to the innovation and convenience of smartphones, which provide similar functionality to a desktop computer including the ability to capture still photographs and high-definition video, while also providing multiple communication modalities, including SMS text messaging, email, and voice and video calling, all in a single, handheld device. This innovation and demand is giving rise to an Age of Mobilism (Norris & Soloway, 2011), in which users want to be connected all of the time, everywhere, on devices that are affordable and globally adopted. The use of consumer-owned mobile devices by students, faculty, and staff for the purposes of facilitating and supporting the academic and administrative roles of an institution is presenting new challenges for DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 90   today’s IT leaders of higher education, who now need to develop an institution-wide IT strategy that supports BYOD. Factors to Consider when Aligning BYOD Policy to Institutional Business Goals Cost savings. Historically, it has been the responsibility of the IT department to provide each employee with the tools and resources they need to do their work. Doing so allowed the IT department to maintain a level of administrative control over these tools, and enabled the IT department to manage access privileges in order to maintain a level of data security. IT consumerization is changing the context. An IT strategic plan should support the institutional mission and align with the institutional strategic plan. An IT strategy for BYOD is not only forward-thinking, it can also bring about a cost savings for an institution. Developing a plan that permits users to utilize their own mobile devices for work and instruction can alleviate some of the cost to provide these tools and resources. According to Trend Micro’s IT Executive and CEO Survey, most of the organizations polled reported that costs either decreased or remained the same after introducing BYOD (2012). The reasons included (a) the lowering of IT capital expenditure (due to users purchasing their own devices), (b) reduced desktop computing support costs, and (c) increased employee productivity (Harris, 2012). Competitive advantage. Supporting IT consumerization can be a competitive advantage for an institution, which is key to any organization’s business goals. According to Cisco’s Connected World Technology Report (2011), three in 10 young professionals globally admit that the absence of remote access would influence their job decisions, such as leaving an existing job sooner rather than later, or declining job offers outright. According to the same study, nearly two in three college students expect to be DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 91   able to access their organization’s networked resources using their personal mobile devices (2011). Furthermore, the report reveals that 71% of the college students polled (Cisco, 2011) share the view that a company-issued device should be available for both work and recreation because “work time often blends with personal time. It’s the way it is today and the way it will be in the future” (Thomson, 2012). It’s reasonable to extrapolate that users will have the same expectation about their personal device; that is, an organization should enable its users to access an organization’s network-based resources whether the device used is company-issued or personally-owned. The BYOD issue is less a matter of “No, we can’t do it” and more a question of “How do we do it?” (Thomson, 2012). According to Trend Micro’s IT Executive and CEO Survey, BYOD is seen as (a) an employee benefit; (b) useful for recruitment and retention; and (c) a significant boost to creativity, innovation, and work-life balance (2012). Factors to Consider when Designing a BYOD Policy Designing a BYOD IT policy is the starting point in the development of an institution-wide BYOD strategy. The policy must address factors that will frame the definition of procedures and processes (Wittman, 2012). In a BYOD culture, the IT policy needs to be more specific than in a traditional IT policy, in order to ensure that the data network is secure and that central IT still has control over it. The BYOD IT policy needs to be designed in collaboration with the users. According to an interview conducted by Steve Mansfield-Devine with Frank Andrus, the CTO at Bradford Networks, the development of a BYOD policy must directly involve users because central IT must have high visibility into the devices used at the institution and how they are used (Mansfield-Devine, 2012). Simultaneously, central IT must DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 92   educate users as to the dangers and limitations of using their personal devices at work (2012); this is a process that requires education and teamwork between the IT department and the users. Andrus outlines a ten-step process for IT policy development that takes the use of mobile devices into consideration. He recommends that before an organization commit to the development of a BYOD strategy, a champion of mobile enablement needs to be identified who is capable of leading the organization through the assessment, proposal, development, and implementation stages of planning; the ten steps follow. 1. Determine what mobile devices your organization will allow. 2. Determine the operating system versions that your organization will allow. 3. Determine what applications are required and those that are not permitted. 4. Determine what groups of users will be allowed to use these devices. 5. Determine what network accesses will be assigned to which users based on who, what, where, and when. 6. Educate your users before they buy their mobile devices and before they are permitted to use them on the organization’s network. 7. Inventory and track authorized and unauthorized users. 8. Inventory and track authorized and unauthorized devices. 9. Control network access based on the organization’s acceptable level of risk. 10. Ensure there is continuous attention to vulnerability assessment and remediation. In their textbook, Management of Information Security, Whitman and Mattord (2011) present a general framework useful for developing a BYOD policy. The framework includes seven clearly defined sections (see Table 1) that provide detailed, targeted guidance to instruct all constituents of an organization on the use of the specific DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 93   issue. While the use of personally-owned mobile devices in an institution has its benefits, these devices also cannot be treated as simply telephones, USB drives, or music players. They are mobile computers and an organization’s BYOD policy must treat them appropriately (Green, 2007). Table 1 A Framework for Developing a BYOD Policy Policy Section Content Description Statement of purpose Addresses the need for the policy, identifies the parties responsible for policy implementation and enforcement, and describes the technology being addressed. In the case of mobile devices, this section should describe the purpose for the policy and provide examples of the type of personal mobile devices that apply. Authorized uses Explains who the authorized users are and what technology can be used. In the case of mobile devices, this section should define authorized users as including current students, faculty, and staff, describe what uses are authorized, and the potential risks to personal data and loss of privacy that they agree to when using a personal mobile device on an institution’s network. Prohibited uses This section outlines what the technology cannot be used for. In the mobile device context, activities that are criminal, offensive, or disruptive to the business of the organization should be mentioned. Systems management In this section, the policy focuses on users’ relationships to systems management. For mobile devices, this section can be extensive. For example, a possible systems management section could include sub- sections on (a) enforcing power-on authentication for a user’s mobile device (b) ensuring that any files or folders containing an organization’s data on a user’s device is encrypted; (c) antivirus software is installed on the user’s device; (d) users immediately report a lost, stolen, or missing mobile device to their supervisor; (e) all data be transmitted over Systems management In this section, the pol cy f cuses on users’ rela io ships t systems manageme t. For mobile devices, this section an be extensive. For example, a possible syst ms management section could include sub- sections on (a) enforcing p wer-on a thentication for a user’s mobile device DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 94   Factors to Consider Related to Data Security The use of personally-owned mobile devices presents security risks to data both within the institution and the user’s data. The competitive edge promised by mobility can be wasted if consumer-owned mobile devices are not adequately protected against mobile device security threats. According to Markelj and Bernik (2012), IT organizations identify security as one of their greatest concerns in regard to the extending of mobility. Violations of policy In this section, users are informed of the penalties involved if they violate the policy. An example for mobile devices could include a series of warnings that could ultimately result in termination of employment, loss of scholarship, or removal from the institution. This section should also encourage users to report any suspected violation of the policy. Policy review and modification In this section, users are informed of the penalties involved if they violate the policy. An example for mobile devices could include a series of warnings that could ultimately result in termination of employment, loss of scholarship, or removal from the institution. This section should also encourage users to report any suspected violation of the policy. Limitations of liability In this section, the organization seeks to protect itself legally by expressly stating any limitations of liability if the policy is not followed. For example, this section could state that the organization is not liable in the event that a user willfully violates this policy, resulting in any type of criminal or civil penalty and that the organization denies any responsibility or acceptance of blame for the user who willfully violates the policy. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 95   Mobile devices are targeted by threats on multiple levels that can work simultaneously, thus the name “blended threats” (Markelj & Bernik, 2012). Blended threats present a significant risk to users and organizations. A key risk is the potential for loss or theft of the mobile device. If a user has stored critical and private information on a personal mobile device but hasn’t been educated about basic protection, such as power- on authentication, then the user puts personal data as well the data of their employer at risk. Indirect threats can be more severe because they are unpredictable. For example, mobile devices can communicate with multiple networks simultaneously. If a user’s mobile device is connected to an institution’s network as well as a public network, an unprotected path to the institution’s central information system can potentially be opened, creating a security breach. A mobile device can become a gateway to an organization’s private information if appropriate precautions are not taken in advance. There are six factors that an IT department can consider to ensure that an organization’s data is secure in a BYOD culture (see Table 2). Appropriate data security within a BYOD culture requires a system that can manage access control to an information system based not only on who the user is, but what type of device is attempting to access the system and from where (Markelj & Bernik, 2012). Vendors are also hard at work, developing solutions for institutions to manage mobile devices and incorporating some or all of the safeguards mentioned above for data security into their mobile device management (MDM) solutions (Burt, 2011). DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 96   Table 2 Factors to Ensure the Security of Data in a BYOD Culture Security Safeguard Description Segregate the data IT organizations should design an organization’s data to be segregated from a user’s personal data. According to Wittman (2012), this can save an organization a lot of wasted energy in the event of litigation and compliance-related audits. One way to enable this is to provision storage space and clearly communicate to users the processes for backing up their work-related data in this space, and keeping their personal data out (Harris, 2012). Require users to register their device The process of registering a device for use on an organization’s network can provide the IT department with the ability to track the user’s mobile device. This process can also act as a procedure towards training the user on the appropriate and inappropriate use of their device on the organization’s network, including the setup of privacy settings and data backups. Enable remote access to a mobile device Should a user’s mobile device be lost or stolen, this safeguard would allow the IT department to wipe the user’s mobile device of all data, mitigating the possibility of private or personal data loss. Implement data encryption Encryption software can be used to encrypt only certain segments of data on a mobile device, or an information system as a whole. Use strong passwords Using a strong password on a mobile device can be a simple yet effective safeguard. Strong passwords should also be implemented to access an organization’s wireless network. DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 97   Setup a virtual private network (VPN) A VPN functions on the principle of establishing a channel between the virtual private network software of the mobile device, and the virtual private network server that’s located within the organization’s information system. Verification between a mobile device and an information system needs to be negotiated by the server. Once the identity of the user is verified via a username and password, entrance to the system is granted remotely. Factors to Consider Related to User Education The use of personally-owned mobile devices on an institution’s network raises the need for IT departments to educate users in order to help protect data for both the user and the institution (Markelj & Bernik, 2012). Trainings should be provided to all approved mobile device users to inform them on the appropriate and inappropriate use of their device within the institution (Wittman, 2012). The trainings should cover several issues, including (a) social media usage, (b) personally identifiable information, (c) strong password creation, and (d) privacy settings (Wittman, 2012). Providing this training is recommended as part of an initial hiring orientation, or an orientation to an institution’s resources. It should also be offered at regular times throughout an academic year, should a user request that their device be approved for use on an institution’s network (Harris, 2012). Factors to Consider Related to Mobile Learning When framing the factors that should be considered when designing learning experiences within the context of mobile devices, the focus is on how the functionality of mobile devices can be used to support the learning experience. The design of learning DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 98   with mobile devices is in the early stages; the New Media Consortium’s higher education edition of the 2012 Horizon Report reports that mobile apps are the fastest growing dimension of mobile space in higher education worldwide. This is consistent with Norris and Soloway’s (2011) presentation of a set of defining characteristics of the Age of Mobilism, including (a) being connected all the time, everywhere, (b) the affordability of mobile devices, and (c) the global adoption of mobile devices. There are six factors that an IT department can consider when designing learning experiences in a BYOD culture (see Table 3). Table 3 Factors Involved in Designing Learning Experiences in a BYOD Culture Mobile Learning Context Description Mobile device use for academic purposes According to a survey conducted by Yarmey (2011), student respondents at the University of Scranton use the mobile convenience of their smartphones for common desktop application utilities, including (a) a calculator; (b) a unit conversion tool; (c) a dictionary; (d) subject-specific microapps, such as a periodic table or a guide to Shakespeare. SMS text messaging has also been used by instructors for sharing ideas and in-class polling (Motiwalla, 2007). Communication anywhere, anytime A wireless mobile device overcomes the limitations of desktop or even laptop computers as they can leverage a wireless carrier’s network to access the Internet. This gives learners the potential for instant gratification by allowing them to interact with their instructors, fellow students in their course, and access course materials from anywhere they have wireless connectivity (Motiwalla, 2007). DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 99   Microapp development Developing custom microapps is made possible using free software development kits (SDK). In one example reported by Young (2011), an instructor at Capital University in Ohio saw the iPhone as a way to streamline the process of calling roll. This instructor subsequently developed a custom, task-specific microapp to take attendance. The instructor put the microapp on the iTunes store where it has been downloaded thousands of times. Benefits for students with learning disabilities Akour (2009) observed the benefits that m- Learning could have for students with learning disabilities. Factors include (a) the ability to be connected anywhere, anytime; (b) the interactive, multi-touch interface of most mobile devices; (c) the wide range and affordable cost of microapps; (d) the ability to develop custom microapps. These factors make m- Learning a reasonable learning option for people with learning disabilities. Concerns with m-Learning According to Akour (2009), several concerns regarding m-Learning were raised in his study with the 2008 incoming freshmen class at Oklahoma State University, including (a) that it replaces the interpersonal and face-to-face interaction between students, faculty, and the university; (b) that smartphones are perceived as devices that enable communication and entertainment, but are not ideal for education due to their small screen size; (c) the learning process is becoming too dependent on technology; (d) student anxiety over not being able to quickly learn how to utilize a mobile device (2009). M-Learning and looking forward Mobile learning doesn’t replace formal education but it can extend the support of learning outside of the traditional classroom. Given the demand and global adoption of mobile devices, instruction DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 100   needs to shift from an “I teach” to a “we learn” form of pedagogy where the instructor learns along with the students (Norris & Soloway, 2011). Rather than see mobile communication and the rapid adoption of mobile technology as a threat, educators need to explore how learning can be transformed in the mobile age. The technology enables learning to happen not just from instructor to student, but from student to student; this changes the teacher’s role from the giver of information to a director of learning (Norris & Soloway, 2011). DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 101   References Akour, H. (2009). Determinants of mobile learning acceptance: an empirical investigation in higher education. Retrieved from ProQuest Aruba Networks. (2012). The aruba mobile virtual enterprise: A mobility-centric network access architecture. Retrieved from http://www.arubanetworks.com/pdf/technology/whitepapers/WP_MOVE.pdf Bell, C., & Smith, T. (2009). Critical evaluation of information sources. Retrieved from http://libweb.uoregon.edu/guides/findarticles/credibility.html Blindmann, G. (2011). Multitouch technologies. Retrieved from http://www.multi-touch-solution.com/en/knowledge-base-en/ Burt, J. (2011). BYOD trend pressures corporate networks. eWeek, 28(14), 30-31. Retrieved from: http://web.ebscohost.com/ehost/detail?sid=6b0434ee-970c-40b4- 85fc-ba28a2b4e26a%40sessionmgr104&vid=1&hid=113&bdata=JnNpdGU 9ZWhvc3QtbGl2ZSZzY29wZT1zaXRl#db=voh&AN=65469365 Busch, C., De Maret, P., Flynn, T., Kellum, R., Le, S., & Meyers, B., Saunders, M., White, R., (2005). Conceptual analysis. Colorado State University Writing Guide. Retrieved from http://writing.colostate.edu/guides/research/content/com2b1.cfm Carr, D. F. (2012, March 29). BYOD policy or buy everyone an iPhone? InformationWeek. Retrieved from http://www.informationweek.com/thebrainyard/news/mobile/232700489 Cisco Systems. (2011). 2011 Cisco Connected World Technology Report. Retrieved from http://www.cisco.com/en/US/netsol/ns1120/index.html DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 102   Clark, N., Karatzouni, S., & Furnell, S. (2009). Flexible and transparent user authentication for mobile devices. doi:10.1007/978-3-642-01244-0_1 Creswell, J. W. (2009). Research design: Qualitative, quantitative, and mixed methods approaches. Thousand Oaks, CA: SAGE Publications. Crisp, C. B. & Williams, M. L. (2009). Mobile device selection in higher education: iPhone versus iPod touch. Retrieved from http://www.acu.edu/technology/mobilelearning/documents/research/crisp/mobile- device-selection.pdf Davidson, P. (2012, April 16). More American workers sue employers for overtime pay. USA Today. Retrieved from http://www.usatoday.com/money/jobcenter/workplace/story/2012-04-15/workers-sue- unpaid-overtime/54301774/1?loc=interstitialskip Demski, J. (2011). The consumerization of IT: Pendulum or wrecking ball? Campus Technology, 25(2), 32-28. Retrieved from http://campustechnology.imirus.com/Mpowered/book/vcampus11/i10/p1 Dobbin, G., Dahlstrom, E., & Sheehan, M. C. (2011). The ECAR study of mobile IT in higher education, 2011. Retrieved from: http://net.educause.edu/ir/library/pdf/ERS1104/ERS1104.pdf Garlati, C. (2011). Trend micro consumerization report 2011. Retrieved from http://bringyourownit.com/2011/09/26/trend-micro-consumerization-report-2011/ Gartner, Inc. (2012). Gartner says worldwide smartphone sales soared in fourth quarter of 2011 with 47 percent growth. Retrieved from http://www.gartner.com/it/page.jsp?id=1924314 DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 103   Gibbons, C. A. (2009). How does having a pocket PC affect doctoral students’ experience of learning? A case-study and it simplications for postgraduate research training. The 4th international conference on e-Learning. Canada: University of Toronto Graubelle, M. (2012). Entering the next phase of BYOD: Mobile virtualization lets users manage work on a personal device without compromising enterprise security or their privacy. Electronic Engineering Times, 1615, 34. Retrieved from: http://global.factiva.com/aa/?ref=EENG000020120206e8260000e&pp=1&fcpil=en& napc=S&sa_from= Green, A. (2007). Management of security policies for mobile devices. Proceedings of the 4th annual conference on information security curriculum development. doi: 10.1145/1409908.1409933 Harris, C. (2012). IT executive and CEO survey final report: Mobile consumerization trends and perceptions. Used by permission of Trend Micro for the purpose of this study. Hemsley, P. (2012, March 23). Reshaping policy to change BYOD culture. Government News. Retrieved from http://www.governmentnews.com.au/2012/03/23/article/Reshaping-policy-to-change- BYOD-culture/MSQHNYMYFJ.html Hloden, O. (2010). Mobile learning anytime, anywhere. Bioscience, 60(9), 682. doi: 10.1525/bio.2010.60.9.4 International Data Corporation. (2011). 2011 Consumerization of IT study: Closing the consumerization gap. Framingham, MA: Gens, F., Levitas, D., & DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 104   Segal, R. Kim, R. (2011, June 29). The iPhone effect: How Apple’s phone changed everything. Gigaom. Retrieved from http://gigaom.com/2011/06/29/the-iphone-effect-how- apples-phone-changed-everything/ Kleyman, B. (2011, November). How to make a BYOD program work. SearchConsumerization. Retrieved from http://searchconsumerization.techtarget.com/tip/How-to-make-a-BYOD-program- work Lippincott, J. K. (2010). A mobile future for academic libraries. Reference Service Review, 38(2), 205-213. doi: 10.1108/00907321011044981 Literature Reviews. (n.d.) The Writing Center. University of North Carolina at Chapel Hill. Retrieved from http://www.unc.edu/depts/wcweb/handouts/literature_review.html Mansfield-Devine, S. (2012). Interview: BYOD and the enterprise network. Computer Fraud & Security, 2012(4), 14-17. doi:10.1016/S1361-3723(12)70031-3 Markelj, B., & Bernik, I. (2012). Mobile devices and corporate data security. International Journal of Education and Information Technologies, 6(1), 97-104. http://www.naun.org/journals/educationinformation/17-591.pdf Mathias, C. J. (2012, March). How to create a BYOD policy. SearchConsumerization. Retrieved from http://searchconsumerization.techtarget.com/tip/How-to-create-a- BYOD-policy?asrc=EM_NLT_17010119&track=NL-1108&ad=868170& Motiwalla, L. F. (2007). Mobile learning: A framework and evaluation. Computers & Education, 49(3), 581-596. doi: 10.1016/j.compedu.2005.10.011 DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 105   New Media Consortium. (2012). The NMC Horizon Report: 2012 Higher Education Edition. Austin, Texas: The New Media Consortium. Norris, C. A. & Soloway, E. (2011). Learning and schooling in the age of mobilism. Educational Technologies, 51 (6), 3-10. Retrieved from http://cecs5580.pbworks.com/w/file/fetch/50304204/Soloway%20Ed%20Tech- Learning%20and%20Schooling%20in%20the%20Age%20of%20Mobilism.pdf School CIO (2012). BYOD strategies: Strategies for K-12 technology leaders. Technology & Learning, 32 (7), 34-37. Retrieved from: http://go.galegroup.com/ps/retrieve.do?sgHitCountType=None&sort=DA- SORT&inPS=true&prodId=CDB&userGroupName=s8492775&tabID=T002&search Id=R6&resultListType=RESULT_LIST&contentSegment=&searchType=AdvancedS earchForm¤tPosition=1&contentSet=GALE|A279613035&&docId=GALE|A2 79613035&docType=GALE&role= Sen, P. K. (2012). Consumerization of information technology drivers, benefits and challenges for New Zealand corporates. Retrieved from http://researcharchive.vuw.ac.nz/bitstream/handle/10063/2095/thesis.pdf?sequence=1 Sharples, M., Taylor, J., & Vavoula, G. (2010). A theory of learning for the mobile age: Learning through conversation and exploration across contexts. Medienbildung in Neuen Kulturraumen (pp. 87-99). doi: 10.1007/978-3-531-92133-4_6 Subramanian, L., Maguire, G. Q., & Stephanow, P. (2012). An architecture to provide cloud based security services for smartphones. Retrieved from: http://141.12.72.110/wp-content/uploads/2012/01/An-Architecture-To-Provide- Cloud-Based-Security-Services-For-Smartphones.pdf DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 106   Suki, N. M., & Suki, N. M. (2011). Using mobile device for learning: From students’ perspective. US-China Education Review, 1, 44-53. Retrieved from http://www.eric.ed.gov/ERICWebPortal/contentdelivery/servlet/ERICServlet?accno= ED522204 Thomson, G. (2012). BYOD: Enabling the chaos. Network Security, 2, 5-8. doi: 10.1016/S1353-4858(12)70013-2 Trend Micro (2012). Enterprise readiness of consumer mobile platforms. Retrieved from http://trendmicro.com/cloud- content/us/pdfs/business/reports/rpt_enterprise_readiness_consumerization_mobile_p latforms.pdf?cm_mmc=Affiliates-_-Internal-_-Cesare+Garlati-_-BringYourOwnIT Tucci, L. (2011, April 26). CIOs scrambling to adapt mobile device management to a BYOD era. SearchCIO. Retrieved from http://searchcio.techtarget.com/news/2240035108/CIOs-scrambling-to-adapt-mobile- device-management-to-a-BYOD-era Venable, M. A. (2012, January 31). When it’s BYOD, bring your own device. OnlineCollege.org. Retrieved from http://www.onlinecollege.org/2012/01/31/when- its-byod-bring-your-own-device/ Villano, M. (2007). Help on the run. Campus Technology, 21(2), 24-30. Retrieved from http://campustechnology.com/Articles/2007/10/Help-on-the-Run.aspx Vogel, D., Kennedy, D., & Chi-Wai Kwok, R. (2009). Does using mobile device applications lead to learning? Journal of Interactive Learning Research, 20(4), 469- 485. Wang, R., Wiesemes, R., & Gibbons, C. (2011). Developing digital fluency through DEVELOPING AN INSTITUTION-WIDE BYOD STRATEGY 107   ubiquitous mobile devices: Findings from a small-scale study. Computers & Education, 58(1), 570-578. doi: 10.1016/j.compedu.2011.04.013 Wentzel, P., Lammeren, R., Molendijk, M., Bruin, S., & Wagtendonk, A. (2005). Using mobile technology to enhance student’s educational experiences. Case study from the Educause Center for Applied Research (ECAR). Retrieved from http://www.educause.edu/ir/library/pdf/ers0502/cs/ecs0502.pdf Whitman, M. E. & Mattord, H. J. (2011). Principles of Information Security, 4th Edition. Independence, KY: Cengage Learning Wilson, S. & McCarthy, G. (2010). The mobile university: From the library to the campus. Reference Services Review, 38(2) 214-232. doi: 10.1108/00907321011044990 Wittman, A. (2011). BYOD? First get serious about data security. Information Week 1316, 46. Retrieved from: http://global.factiva.com/aa/?ref=IWK0000020111114e7be0000a&pp=1&fcpil =en&napc=S&sa_from= Yarmey, K. (2011). Student information literacy in the mobile environment. Educause Quarterly Magazine, 34(1). Retrieved from: http://www.educause.edu/EDUCAUSE+Quarterly/EDUCAUSEQuarterlyMagazineV olum/StudentInformationLiteracyinth/225860 Young, J. R. (2011). Top smartphone apps to improve teaching, research, and your life. Education Digest, 76(9), 12-15. Retrieved from http://content.ebscohost.com/ContentServer.asp?T=P&P=AN&K=60226894&S=R&