Date of Conferral
Doctor of Information Technology (D.I.T.)
Information Systems and Technology
Data breaches happen almost every day in the United States and, according to research, the majority of these breaches occur due to a lack of security with organizations' mobile devices. Although most of the security policies related to mobile devices currently in place may meet the guidelines required by law, they often fail to prevent a data breach caused by a mobile device. The main purpose of this qualitative single case study was to explore the strategies used by security managers to prevent data breaches caused by mobile devices. The study population consisted of security managers working for a government contractor located in the southeastern region of the United States. Ludwig von Bertalanffy's general systems theory was used as the conceptual framework of this study. The data collection process included interviews with organization security managers (n = 5) and company documents and procedures (n = 13) from the target organization related to mobile device security. Data from the interviews and organizational documents were coded using thematic analysis. Methodological triangulation of the data uncovered 4 major themes: information security policies and procedures, security awareness, technology management tools, and defense-in-depth. The implications for positive social change from this study include the potential to enhance the organizations' security policies, cultivate a better security awareness training program, and improve the organizations data protection strategies. In addition, this study outlines some strategies for preventing data breaches caused by mobile devices while still providing maximum benefit to its external and internal customers.