A New Model for Understanding Users' IS Security Compliance

نویسندگان

  • Mikko T. Siponen
  • Seppo Pahnila
  • Mo Adam Mahmood
چکیده

The literature agrees that the major threat to IS security is constituted by careless employees. Therefore, effective IS security requires that users are not only aware of, but also comply with organizations’ IS security policies and procedures. To address this important concern, different IS security awareness, education and enforcement approaches have been proposed. Prior research on IS security compliance has criticized these extant IS security awareness approaches as lacking theoretically and empirically grounded principles to ensure that employees comply with IS security policies. This research-in-progress study proposes a new model that contains the factors that explain employees’ IS security compliance.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A survey on impact of cloud computing security challenges on NFV infrastructure and risks mitigation solutions

Increased broadband data rate for end users and the cost of resource provisioning to an agreed SLA in telecom service providers, are forcing operators in order to adhere to employment Virtual Network Functions (VNF) in an NFV solution. The newly 5G mobile telecom technology is also based on NFV and Software Define Network (SDN) which inherit opportunities and threats of such constructs. Thus a ...

متن کامل

Security compliance-New insight from Goal orientations and Self-regulation theory

This paper explores how self-set security goal orientations and self-regulation theory can provide potential venues to motivate end-user sustained IS security compliance. Organisations have found that it is essential to motivate end-users to comply with information security measures and policies on a regular basis. The research aims to obtain an understanding of the relationship between individ...

متن کامل

Information Security Policy Compliance: A User Acceptance Perspective

Compliance with information security policies (ISPs) is a key factor in reducing an organization’s information security risks. As such, understanding employees’ compliance behavior with ISPs is an important first step to leverage knowledge worker assets in efforts targeted toward reducing information security risks. This study adapts the Technology Acceptance Model (TAM) to examine users’ behav...

متن کامل

A combination of semantic and attribute-based access control model for virtual organizations

A Virtual Organization (VO) consists of some real organizations with common interests, which aims to provide inter organizational associations to reach some common goals by sharing their resources with each other. Providing security mechanisms, and especially a suitable access control mechanism, which enforces the defined security policy is a necessary requirement in VOs. Since VO is a complex ...

متن کامل

Private Key based query on encrypted data

Nowadays, users of information systems have inclination to use a central server to decrease data transferring and maintenance costs. Since such a system is not so trustworthy, users' data usually upkeeps encrypted. However, encryption is not a nostrum for security problems and cannot guarantee the data security. In other words, there are some techniques that can endanger security of encrypted d...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2006