In the past two decades the IT industry has increasingly focused on customers, and the drive is now more toward a consumer-driven bottom-up approach as compared to the traditional top-down IT innovation (Leclercq-Vandelannoitte, 2015; Weeger et al., 2015). The availability of consumer tools such as mobile devices and tablet computers and the significant drop in prices for facilities such as voice/data communication provided by mobile networks has led to the widespread diffusion of mobile devices for personal usage. Consequently, individuals are more and more accustomed to the convenience and benefits obtained from the use of personal mobile devices to such an extent that they are willing to bring privately owned devices into their professional spheres to fulfill business tasks, thus giving rise to the bring your own device (BYOD) trend (Köffer et al., 2014). Harris et al. (2012) cite statistics that as early as 2011, 23 percent of employees were already routinely using BYOD, and a further 29 percent at least once a week, and at approximately the same time 77 percent of CIOs had plans to provide employees with mobile access to company data and applications (Disterer and Kleiner, 2013). BYOD uptake by organizations has been reportedly as high as 80 percent in various countries (Spain, Brazil, Malaysia and Singapore), and 85 percent of individuals in Malaysia also reportedly use personal devices in the workplace (Eslahi et al., 2014). This is at least partly because users are more comfortable and familiar with their consumer tools and increasingly wish to use these in their professional environment so that their daily work tasks are completed more rapidly and efficiently (Steelman et al., 2016). The demand for utilizing privately owned technologies in their corporate environment is expected to rise in the future as individuals are encouraged more and more to use their personal devices in their professional spheres (Weeger et al., 2015). Although there is strong demand from employees to be able to bring their own devices into the workplace, BYOD is not without risk (Harris et al., 2012), with some referring to BYOD as “Bring Your Own Danger” and even predicting “IT anarchy” (Disterer and Kleiner, 2013). The area of risk that has perhaps received the greatest attention is security (Niehaves et al., 2012; Disterer and Kleiner, 2013). BYOD can pose a threat to the confidentiality, integrity and authenticity of the organization’s data (Disterer and Kleiner, 2013) and although these threats are recognized by organizations they are often not recognized or responded to by end-users (Seigneur et al., 2013), and organizations sometimes struggle to establish effective guidelines for BYOD security (Niehaves et al., 2012). In addition to security risks, BYOD can also pose legal and regulatory challenges. Inevitably there will be different rules in different countries or jurisdictions (Harris et al., 2012), in particular in relation to aspects such as privacy and data protection requirements, and this may pose compliance challenges when using BYOD. BYOD can even pose technical challenges such as reliability and performance, and also pose challenges to data accuracy (Harris et al., 2012), such as when data stored on mobile devices becomes out-of-date due to intermittent mobile connectivity (Weiß and Leimeister, 2012).