Employees' Compliance with BYOD Security Policy: Insights from Reactance, Organizational Justice, and Protection Motivation Theory

نویسندگان

  • Frida Ferdani Putri
  • Anat Hovav
چکیده

The trend of bring your own device (BYOD) has been rapidly adopted by organizations. Despite the pros and cons of BYOD adoption, this trend is expected to inevitably keep increasing. Yet, BYOD has raised significant concerns about information system security as employees use their personal devices to access organizational resources. This study aims to examine employees' intention to comply with an organization’s IS security policy in the context of BYOD. We derived our research model from reactance, protection motivation and organizational justice theories. The results of this study demonstrate that an employee’s perceived response efficacy and perceived justice positively affect an employee’s intention to comply with BYOD security policy. Perceived security threat appraisal was found to marginally promote the intention to comply. Conversely, perceived freedom threat due to imposed security policy negatively affects an employee’s intention to comply with the security policy. We also found that an employee’s perceived cost associated with compliance behavior positively affects an employee’s perceptions of threat to an individual freedom. An interesting double-edged sword effect of a security awareness program was confirmed by the results. BYOD security awareness program increases an employee’s response efficacy (a positive effect) and response cost (a negative effect). The study also demonstrates the importance of having an IT support team for BYOD, as it increases an employee’s response-efficacy and perceived justice.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Exploring the effects of organizational justice, personal ethics and sanction on internet use policy compliance

Internet security risks, the leading security threats confronting today’s organizations, often result from employees’ non-compliance with the internet use policy (IUP). Extant studies on compliance with security policies have largely ignored the impact of intrinsic motivation on employees’ compliance intention. This paper proposes a theoretical model that integrates an intrinsic self-regulatory...

متن کامل

Control - Related Motivations and Information Security Policy Compliance : The Role of Autonomy and Efficacy

Employees' failures to follow information security policy can be costly to organizations, causing organizations to implement security controls to motivate secure behavior. Information security research has explored many control-related motivations (e.g., self-efficacy, response efficacy, and behavioral control) in the context of ISP compliance; however, the behavioral effects of perceptions of ...

متن کامل

Protection motivation and deterrence: a framework for security policy compliance in organisations

Received: 21 February 2008 Revised: 15 August 2008 2nd Revision: 31 January 2009 Accepted: 23 February 2009 Abstract Enterprises establish computer security policies to ensure the security of information resources; however, if employees and end-users of organisational information systems (IS) are not keen or are unwilling to follow security policies, then these efforts are in vain. Our study is...

متن کامل

Understanding Compliance with Internet Use Policy: An Integrative Model Based on Command-and- Control and Self-Regulatory Approaches

Internet security risks, the leading security threats confronting today’s organizations, often result from employees’ non-compliance with the Internet use policy (IUP). Extant studies on the compliance with security policies have largely ignored the impact of intrinsic motivations on employees’ compliance intention. This paper proposes a theoretical model that integrates an extrinsic sanction-b...

متن کامل

Investigate the Effects of Information Security Climate and Psychological Ownership on Information Security Policy Compliance

Currently, information security policy compliance research mainly investigates information security compliant behaviors of employees from general deterrence theory or protection motivation theory. However, these studies focus on the discussions of security specifications in organization and the motivations of individuals’ behaviors but omit the influences of contextual effects on employees’ psy...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2014