Context awareness vulnerabilities detection model in byod environment using a linear regression technique

Abstract

The purpose of this study was to examine context-awareness vulnerabilities in Bring Your Own Device (BYOD) environments within large SACCOs in Kenya. Adoption of BYOD practices, enable employees of an organization to use personal devices for work. In the recent past there has been incidents of financial vulnerabilities, including losses attributed to both internal collusion and external cyber-attacks, which showed the urgent need for solutions focused on vulnerability detection mechanisms. The analysis of past literature revealed gaps in existing models, which inadequately address SACCO-specific risks such as the role-based access and dynamic access patterns, often relying on a narrow set of data points or reliance of static approaches. The study employed a descriptive survey design, using structured questionnaires to collect data from 86 employees of Mwalimu SACCO’s head office in Nairobi. As the largest SACCO in Kenya, Mwalimu SACCO provided a suitable context to analyse BYOD-related vulnerabilities in a high-risk, resource-constrained environment. Descriptive techniques and multivariate regression analysis were employed to determine the influence of the identified factors on the vulnerability index. The study findings showed that access time, location, and role risk factors significantly wielded and affect vulnerability in BYOD environments. Access time emerged as the most critical determinant, with increased risks observed during non-standard work hours. Location vulnerabilities were heightened in remote settings due to limited security measures, while role risk factors indicated that employees with elevated access privileges, particularly in ICT and finance roles, posed greater risks. The study formulated a multivariate regression model which demonstrated high predictive accuracy, with an R² value of 0.89 and a mean absolute error of 0.12. These results validated its reliability in identifying and predicting context-awareness vulnerabilities in SACCO BYOD environments. The study concludes that; there is increased use of personal devices by SACCO staff to undertake both personal and official engagements. Further, the study concludes that, there is lack of comprehensive BYOD policies that conforms to prevailing vulnerabilities. Through adoption of robust access controls, organization centered BYOD policies, and role-specific security measures, SACCOs can upscale their defenses. These measures would enable SACCOs to mitigate vulnerabilities, reduce insider fraud and external threats, and strengthen their cyber-security posture. This research fills a critical gap in understanding and managing context-aware vulnerabilities in BYOD environments, offering a practical framework for enhancing the security of SACCO operations in Kenya.