ABSTRACT Bring-Your-Own-Device (BYOD) has gained increased popularity in organizations but may engender information security concerns. To address these concerns, employees are expected to opt-in and comply with organizational BYOD security policy. This study investigates the factors that affect employees’ opt-in decisions with BYOD security policy. Drawing on the theoretical lenses of persuasion and cognitive elaboration, we propose that employees’ cognitive elaborations of BYOD security policy could be affected by the valence of justification of the BYOD security policy, the stringency of BYOD security measures, and the sequence of the introduction of BYOD security policy in relation to employees’ use of personal devices to perform organizational tasks and such cognitive elaborations would in turn affect opt-in decisions. We conducted an experimental survey to test our propositions. The results indicate that positive BYOD security policy justification framing and post-task security policy exposure would lead to more positive cognitive elaboration, decision to opt-in, and compliance with the BYOD security policy. This research has significant implications for security management with respect to the design and implementation of BYOD security policy within an organization according to the nature of security policy and the task requirements.

中文翻译：

---

自带设备 (BYOD) 中的安全策略选择决策——说服和认知阐述的观点

摘要 自带设备 (BYOD) 在组织中越来越受欢迎，但可能会引起信息安全问题。为了解决这些问题，员工应该选择加入并遵守组织的 BYOD 安全政策。本研究调查了影响员工选择使用 BYOD 安全策略的决定的因素。利用说服和认知阐述的理论视角，我们提出员工对 BYOD 安全策略的认知阐述可能受到 BYOD 安全策略的正当性、BYOD 安全措施的严格程度以及引入顺序的影响。与员工使用个人设备执行组织任务相关的 BYOD 安全策略以及此类认知详细说明将反过来影响选择加入决策。我们进行了一项实验性调查来测试我们的命题。结果表明，积极的 BYOD 安全策略论证框架和任务后安全策略暴露将导致更积极的认知阐述、选择加入的决定以及对 BYOD 安全策略的遵守。根据安全策略的性质和任务要求，本研究对组织内 BYOD 安全策略的设计和实施方面的安全管理具有重要意义。