Information Systems Security Policy Enforcement with Technological Agents: A Field Experiment


Hadasch, Frank ; Li, Ye ; Müller, Benjamin



URL: https://scholar.google.de/citations?view_op=view_c...
Additional URL: http://aisel.aisnet.org/ecis2013/132
Document Type: Conference or workshop publication
Year of publication: 2013
Book title: ECIS 2013 Proceedings : 21st European Conference on Information Systems June 5-8, Utrecht University, The Netherlands
Page range: Paper 132
Conference title: ECIS 2013
Date of the conference: June 5-8, 2013
Place of publication: Atlanta, Ga.
Publishing house: AISeL
Publication language: English
Institution: Außerfakultäre Einrichtungen > Institut für Enterprise Systems (InES)
Business School > Wirtschaftsinformatik IV (Mädche 2009-2015)
Subject: 650 Management
Abstract: This paper addresses the question of employees’ information protection behaviour from a socio-technical perspective. While prior information systems (IS) security research thoroughly examines the determinants of employees’ security motivation, this work investigates if information protection motivation translates into actual behaviour and how security policy-enforcing technological agents influence behaviour. For researchers this is important as measurements of actual security behaviour are scarce in the literature, the underlying cognitive process of information protection behaviour lacks detailed examination, and the design of information technology (IT) artefacts requires an understanding of what makes them effective in changing an employee’s information protection behaviour. In a scenario-based field experiment with 82 participants we test for direct and moderation effects of policy-enforcing technological agents on employees’ information protection behaviour. Captured screen recordings of the simulated work environment are analysed with principles of inductive reasoning to suggest a cognitive process model of users’ information protection behaviour. Shedding light into the black box of the post-motivational phase helps us to investigate when employees are specifically challenged to protect confidential information and how a policy-enforcing technological agent might help to prevent information leakage incidents.
Additional information: Online-Ressource




Dieser Eintrag ist Teil der Universitätsbibliographie.




Metadata export


Citation


+ Search Authors in

+ Page Views

Hits per month over past year

Detailed information



You have found an error? Please let us know about your desired correction here: E-Mail


Actions (login required)

Show item Show item