Technostress and its influence on employee information security policy compliance

IF 4.9 3区管理学 Q1 INFORMATION SCIENCE & LIBRARY SCIENCE

Information Technology & People Pub Date : 2020-12-28 DOI:10.1108/itp-09-2020-0610

Forough Nasirpouri Shadbad, D. Biros

{"title":"Technostress and its influence on employee information security policy compliance","authors":"Forough Nasirpouri Shadbad, D. Biros","doi":"10.1108/itp-09-2020-0610","DOIUrl":null,"url":null,"abstract":"PurposeThis study focuses on unintended negative consequences of IT, called technostress. Given that employees are recognized as a major information security threat, it makes sense to investigate how technostress resulting from employees' constant interaction with IT influences the likelihood of security incidents. Although past research studied the concept of security-related technostress, the effect of IT use itself on employees’ extra-role activities such as security-related behaviors is unanswered. Thus, this paper aims to provide an understanding of the negative impact of technostress on employee information security policy (ISP) compliance.Design/methodology/approachDrawing on technostress literature, this research develops a research model that investigates the effect of technostress on employee intention to violate ISPs. It also extends the dimensionality of technostress construct by adding a new dimension called “techno-unreliability” that shows promising results. The authors use online survey data from a sample of 356 employees who have technology-based professions. We apply the structural equation modeling technique to evaluate the proposed research model.FindingsFindings showed that IT use imposes high-level perceptions of a set of technostress creators, which makes users rationalize their ISP violations and engage in non-compliant behaviors. Further analysis of each dimension of technostress showed that techno-complexity, techno-invasion and techno-insecurity account for higher ISP non-compliant behaviors.Originality/valueThis study provides a new understanding of technostress to the context of information security and emphasizes on its negative impact on employee ISP compliance behaviors.","PeriodicalId":47740,"journal":{"name":"Information Technology & People","volume":null,"pages":null},"PeriodicalIF":4.9000,"publicationDate":"2020-12-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information Technology & People","FirstCategoryId":"91","ListUrlMain":"https://doi.org/10.1108/itp-09-2020-0610","RegionNum":3,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"INFORMATION SCIENCE & LIBRARY SCIENCE","Score":null,"Total":0}

引用次数: 11

Abstract

PurposeThis study focuses on unintended negative consequences of IT, called technostress. Given that employees are recognized as a major information security threat, it makes sense to investigate how technostress resulting from employees' constant interaction with IT influences the likelihood of security incidents. Although past research studied the concept of security-related technostress, the effect of IT use itself on employees’ extra-role activities such as security-related behaviors is unanswered. Thus, this paper aims to provide an understanding of the negative impact of technostress on employee information security policy (ISP) compliance.Design/methodology/approachDrawing on technostress literature, this research develops a research model that investigates the effect of technostress on employee intention to violate ISPs. It also extends the dimensionality of technostress construct by adding a new dimension called “techno-unreliability” that shows promising results. The authors use online survey data from a sample of 356 employees who have technology-based professions. We apply the structural equation modeling technique to evaluate the proposed research model.FindingsFindings showed that IT use imposes high-level perceptions of a set of technostress creators, which makes users rationalize their ISP violations and engage in non-compliant behaviors. Further analysis of each dimension of technostress showed that techno-complexity, techno-invasion and techno-insecurity account for higher ISP non-compliant behaviors.Originality/valueThis study provides a new understanding of technostress to the context of information security and emphasizes on its negative impact on employee ISP compliance behaviors.

查看原文本刊更多论文

技术压力及其对员工信息安全策略遵从性的影响

目的:本研究的重点是信息技术意想不到的负面后果，称为技术压力。鉴于员工被认为是主要的信息安全威胁，调查员工与it不断互动所产生的技术压力如何影响安全事件的可能性是有意义的。虽然过去的研究研究了与安全相关的技术压力的概念，但IT使用本身对员工角色外活动(如与安全相关的行为)的影响尚未得到解答。因此，本文旨在提供技术压力对员工信息安全政策(ISP)合规性的负面影响的理解。设计/方法/途径借鉴技术压力相关文献，本研究建立了一个研究模型，探讨技术压力对员工违反互联网服务提供商意愿的影响。通过增加“技术不可靠性”的新维度，扩展了技术压力结构的维度，并显示出令人满意的结果。作者使用了来自356名从事技术相关职业的员工的在线调查数据。我们运用结构方程建模技术来评估所提出的研究模型。研究结果表明，IT的使用强加了一组技术压力创造者的高水平感知，这使得用户合理化他们的ISP违规行为并从事不合规行为。对技术压力各维度的进一步分析表明，技术复杂性、技术入侵和技术不安全感是导致ISP不服从行为的主要原因。原创性/价值本研究为信息安全背景下的技术压力提供了新的理解，并强调其对员工ISP合规行为的负面影响。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Information Technology & People INFORMATION SCIENCE & LIBRARY SCIENCE-

CiteScore

8.20

自引率

13.60%

发文量

121

期刊介绍： Information Technology & People publishes work that is dedicated to understanding the implications of information technology as a tool, resource and format for people in their daily work in organizations. Impact on performance is part of this, since it is essential to the well being of employees and organizations alike. Contributions to the journal include case studies, comparative theory, and quantitative research, as well as inquiries into systems development methods and practice.