Article Preview
TopIntroduction
In the increasingly digital world of today, the majority of communication takes place through different digital communication channels. As people are more and more “on the move” or otherwise remotely located, the popularity and importance of different ubiquitous communication devices has exploded. This is the case in corporate, governmental, military, and personal use alike. Moreover, many things that need to be communicated contain information that is confidential or otherwise meant for certain eyes and ears only, such as, trade secrets, state secrets, or information that is otherwise sensitive or confidential. Naturally, this information can also be of interest to certain outsiders, such as industry competitors, foreign governments, or criminals. It is well known that the attempts and attacks to capture confidential information are common and increasing all the time. More and more of these attempts and attacks are also targeting mobile devices (Trend Micro, 2017). Therefore, there is a growing need, especially in corporations and governmental organizations, to ensure that critical communication is safe and secure and the confidentiality of information is not breached. Indeed, corporations and organizations have paid an increasing consideration to information systems (IS) security and privacy during the past years. To decrease the risk posed by the prevalent security and privacy threats, different solutions have emerged to safeguard the confidentiality of communication. Some of the solutions, such as e-mail encryption software, have been around for a long time, but also more novel solutions exist. These include, for example, mobile applications meant for communication in corporations and organizations in cases where secure and confidential communication is essential.
Security and privacy management in the area of mobile communication has been studied since the early 1990s (Chan, Kwong, & Longginnou, 1993). The whole research stream of IS security and privacy dates back to the beginning of the 1970s (Bates, 1970) and has focused on various approaches and topics around security and privacy issues. Over the years, also several reviews on IS security research have been published (e.g., Baskerville, 1993; Cram, Proudfoot, & D’Arcy, 2017; Dhillon & Backhouse, 2001; Guo, 2013; Siponen & Oinas-Kukkonen, 2007; Sommestad, Hallberg, Lundholm, & Bengtsson, 2014; Soomro, Shah, & Ahmed, 2016; Willison & Siponen, 2007), which illustrate the development of the topics and the central issues under research. Yet, as the technology, means, and needs of communication and the regarding security and privacy threats advance and are constantly evolving, there is an eminent need to keep IS security research in line with the most novel technologies.