Employees are increasingly relying on mobile devices. In international organizations, more employees are using their personal smartphones for work purposes. Meanwhile, the number of data breaches is rising and affecting the security of customers' data. However, employees' cybersecurity compliance with cybersecurity policies is poorly understood. Researchers have called for a more holistic approach to information security. We propose an employee smartphone-security compliance (ESSC) model, which deepens understanding of employees' information-security behavior by considering influences on the national, organizational, technological (smartphone-specific), and personal levels. The research focuses on secure smartphone use in the workplace among Gen-Mobile (aged 18–35) employees in a cross-cultural context: the United Kingdom (UK), United States (US) and United Arab Emirates (UAE) where 1735 questionnaires were collected. Our findings suggest that those who wish to understand employees' smartphone-security behavior should consider national cybersecurity policies, cultural differences in different countries, and threats specific to smartphone use. In addition, our findings help companies to increase customers’ trust and maintain a positive reputation.