Employees' Behavior towards IS Security Policy Compliance

Pahnila, Seppo; Siponen, Mikko T.; Mahmood, Adam

doi:10.1109/hicss.2007.206

Cited by 261 publications

(271 citation statements)

References 35 publications

Supporting

Mentioning

262

Contrasting

Unclassified

Order By: Relevance

“…However, PMT has seldom been applied to individuals' risky use of the Internet and information technology, with exceptions including recent studies on computer users' decisions to employ virus protection (Lee et al, 2008) and to regularly back up work-related data (Boss and Galletta, 2008), employees' compliance with company security policies (Pahnila et al, 2007;Johnston and Warkentin, 2010), and the stress coping mechanisms for IT professionals (Tsai et al, 2007). Other recent studies have utilized some of the same health-related constructs modeled in PMT to help explain security consciousness in users (Ng et al, 2009).…”

Section: What Factors Influence An Individual To Post Personal Informmentioning

confidence: 99%

Social Networking Websites and Posting Personal Information: An Evaluation of Protection Motivation Theory

Marett¹,

McNab²,

Harris³

2011

THCI

View full text Add to dashboard Cite

Ping Zhang was the accepting Senior Editor. This article was submitted on 3/26/2010 and accepted on 7/5/2011. It was with the authors 254 days for 2 revisions. The popularity of social networking websites among Internet users continues to grow, even though social networking remains a risk for users who do not participate with caution. Using protection motivation theory (PMT) as a theoretical lens to provide a research model, and by issuing a fear appeal to social network users about the potential threat to their privacy, this study identified perceptions and beliefs held by users that influence their behavioral responses to the imposed threats. A snowball sample survey measuring the variables conceptualized by PMT was completed by 522 social network users. A time-ordered hierarchical regression analysis of the responses showed that PMT provides explanations for both adaptive and maladaptive responses, particularly for the response of hopelessness. Implications and directions for future research in this area are offered.

show abstract

Section: What Factors Influence An Individual To Post Personal Informmentioning

confidence: 99%

Social Networking Websites and Posting Personal Information: An Evaluation of Protection Motivation Theory

Marett¹,

McNab²,

Harris³

2011

THCI

View full text Add to dashboard Cite

show abstract

“…5 Anecdotal evidence suggests that the most effective way to protect online privacy is to combine education and training with the use of technology tools to promote the users' awareness. End-user awareness and training is an especially challenging area in that users vary widely in level of motivations, perceptions of threat severity, and computer self-efficacy [46,50]. Therefore, future research should investigate how to integrate user awareness and training with the design and deployment of privacy-enhancing technologies.…”

Section: Discussionmentioning

confidence: 99%

A Value Sensitive Design Investigation of Privacy Enhancing Tools in Web Browsers

Crossler

Bélanger

2012

Decision Support Systems

View full text Add to dashboard Cite

a b s t r a c t a r t i c l e i n f oPrivacy concern has been identified as a major factor hindering the growth of e-business. Recently, various privacy-enhancing tools (PETs) have been proposed to protect the online privacy of Internet users. However, most of these PETs have been designed using an ad hoc approach rather than a systematic design. In this paper, we present an exploratory investigation of an end-use PET using a Value Sensitive Design approach. We propose an integrated design of a Privacy Enhancing Support System (PESS) with three proposed tools, namely privacy-enhancing search feature (PESearch), privacy-enhancing control for personal data (PEControl), and privacy-enhancing review for sharing the ratings and reviews of websites' privacy practices (PEReview). This system could enhance the interactivity of Internet users' privacy experiences, increase users' control perceptions over their personal information, and reduce their privacy concerns. An empirical evaluation of PESearch, PEControl, and PEReview revealed that novices felt the most important aspect of the tools for downloading and usage intentions was its usefulness; most experts felt the tool met the design principles as specified.

show abstract

“…The effectiveness of rewards and sanctions depends on the satisfaction of the receiving individual [34]. For example, (we expect) a small monetary reward may motivate a poor but not a rich individual.…”

Section: Improve Intuitive Behavior Towards Security Threatsmentioning

confidence: 99%

A Case for Societal Digital Security Culture

Othmane

Weffers

Ranchal

et al. 2013

Security and Privacy Protection in Information Processing Systems

View full text Add to dashboard Cite

Abstract. Information and communication technology systems, such as remote health care monitoring and smart mobility applications, have become indispensable parts of our lives. Security vulnerabilities in these systems could cause financial losses, privacy/safety compromises, and operational interruptions. This paper demonstrates through examples, that technical security solutions for these information systems, alone, are not sufficient to protect individuals and their assets from attacks. It proposes to complement (usable) technical solutions with Societal Digital Security Culture (SDSC): collective knowledge, common practices, and intuitive common behavior about digital security that the members of a society share. The paper also suggests a set of approaches for improving SDSC in a society and demonstrates using a case study how the suggested approaches could be integrated to compose a plan for improving SDSC.

show abstract

Employees' Behavior towards IS Security Policy Compliance

Cited by 261 publications

References 35 publications

Social Networking Websites and Posting Personal Information: An Evaluation of Protection Motivation Theory

Social Networking Websites and Posting Personal Information: An Evaluation of Protection Motivation Theory

A Value Sensitive Design Investigation of Privacy Enhancing Tools in Web Browsers

A Case for Societal Digital Security Culture

Contact Info

Product

Resources

About