Logo des Repositoriums

Auflistung nach Schlagwort "Policy Compliance"

1 - 3 von 3
  • Konferenzbeitrag
    On the diffusion of security behaviours
    (Open Identity Summit 2020, 2020) Kurowski, Sebastian; Roßnagel, Heiko
    Security behaviour has been researched from a variety of theoretical lenses, however a clear picture on the factors that foster secure behaviour is still missing. This contribution uses the diffusion of innovations theory and applies it to four exemplary security behaviours to identify how it can explain the uptake of each behaviour. In contrast to many other approaches, it focuses on the behaviour itself, not the behaving individual. We are able to show differences in the uptake of idealized security behaviours. A perceived relative advantage positively impacts the uptake of a behaviour, however this advantage seems rarely to be motivated by a perceived risk. Risk only seems to play a minor role for the diffusion of security behaviours. Additionally, the relative advantage does not seem to be a necessity for the diffusion of a behaviour. If the other properties namely compatibility, triability, observability, and low complexity of a behaviour are adequately fulfilled a successful diffusion is still possible.
  • Konferenzbeitrag
    On the possible impact of security technology design on policy adherent user behavior - Results from a controlled empirical experiment
    (SICHERHEIT 2018, 2018) Kurowski, Sebastian; Fähnrich, Nicolas; Roßnagel, Heiko
    This contribution provides results from a controlled experiment on policy compliance in work environments with restrictive security technologies. The experimental setting involved subjects forming groups and required them to solve complex and creative tasks for virtual customers under increasing time pressure, while frustration and work impediment of the used security technology were measured. All subjects were briefed regarding existing security policies in the experiment setting, and the consequences of violating these policies, as well as the consequences for late delivery or failure to meet the quality criteria of the virtual customer. Policy breaches were observed late in the experiment, when time pressure was peaking. Subjects not only indicated maximum frustration, but also a strong and significant correlation (.765, p<.01) with work impediment caused by the security technology. This could indicate that user-centred design does not only contribute to the acceptance of a security technology, but may also be able to positively influence practical information security as a whole.
  • Textdokument
    Response and Cultural Biases in Information Security Policy Compliance Research
    (Open Identity Summit 2017, 2017) Kurowski, Sebastian; Dietrich, Fabina
    This contribution tries to shed light on whether current information security policy compliance research is affected by response (such as social desirability) or cultural biases. Based upon the hypothesis that response biases may be subject to information processing of the questionnaire item by the respondent, a classification of questionnaire items of 17 surveys is provided. Furthermore, the Individualism and Power Distance indices are gathered for the survey samples. Correlation analysis reveals that the Power Distance index correlates negatively, while Individualism correlates positively with the mean self-reported policy compliance. These findings support previous findings on the role of Power Distance and contradict the influence of response and social desirability biases on self-reported information security policy compliance.