IS Security Policy Enforcement with Technological Agents: A Field Experiment

Frank Hadasch, Ye Li, Benjamin Mueller

Research output: Contribution to conferenceOtherAcademic

2 Citations (Scopus)

Abstract

This paper addresses the question of employees’ information protection behaviour from a socio- technical perspective. While prior information systems (IS) security research thoroughly examines the determinants of employees’ security motivation, this work investigates if information protection motivation translates into actual behaviour and how security policy-enforcing technological agents influence behaviour. For researchers this is important as measurements of actual security behaviour are scarce in the literature, the underlying cognitive process of information protection behaviour lacks detailed examination, and the design of information technology (IT) artefacts requires an understanding of what makes them effective in changing an employee’s information protection behaviour. In a scenario-based field experiment with 82 participants we test for direct and moderation effects of policy-enforcing technological agents on employees’ information protection behaviour. Captured screen recordings of the simulated work environment are analysed with principles of inductive reasoning to suggest a cognitive process model of users’ information protection behaviour. Shedding light into the black box of the post-motivational phase helps us to investigate when employees are specifically challenged to protect confidential information and how a policy-enforcing technological agent might help to prevent information leakage incidents.
Original languageEnglish
Publication statusPublished - 2013
Externally publishedYes
Event21. European Conference on Information Systems - Utrecht, Netherlands
Duration: 5-Jun-20138-Jun-2013

Conference

Conference21. European Conference on Information Systems
Country/TerritoryNetherlands
CityUtrecht
Period05/06/201308/06/2013

Keywords

  • IS security behaviour leakage prevention policy enforcement field experiment

Fingerprint

Dive into the research topics of 'IS Security Policy Enforcement with Technological Agents: A Field Experiment'. Together they form a unique fingerprint.

Cite this