The impact of work pressure and work completion justification on intentional nonmalicious information security policy violation intention

IF 4.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2023-07-01 DOI:10.1016/j.cose.2023.103253

Randi Jiang , Jianru Zhang

{"title":"The impact of work pressure and work completion justification on intentional nonmalicious information security policy violation intention","authors":"Randi Jiang , Jianru Zhang","doi":"10.1016/j.cose.2023.103253","DOIUrl":null,"url":null,"abstract":"<div><p>As businesses have had to change how they operate due to the coronavirus pandemic, the need for remote work has risen. With the continuous advancements in technology and increases in typical job demands, employees need to increase their work productivity beyond regular work hours in the office. This type of work environment creates even more opportunities for security breaches due to employees intentionally violating information security policy violations. Although explicitly prohibited by information security policies (ISP), organizations have observed that employees bring critical data out of the office to complete their work responsibilities remotely. Consequently, developing a deeper understanding of how work pressure may influence employees to violate ISPs intentionally is crucial for organizations to protect their critical information better. Based upon the fraud triangle theory, this study proposes the opportunity to copy critical data, work pressure, and work completion justification as the primary motivational factors behind why employees copy critical company data to unsecured storage devices to work at home. A survey was conducted of 207 employees from a marketing research firm. The results suggest that opportunity, work pressure, and work completion justification are positively related to nonmalicious ISP violation intentions. Furthermore, the interaction effect between work completion justification and work pressure on the ISP violation intention is significant and positive. This study provides new insights into our understanding of the roles of work pressure and work completion justification on intentional nonmalicious ISP violation behaviors.</p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"130 ","pages":"Article 103253"},"PeriodicalIF":4.8000,"publicationDate":"2023-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10079594/pdf/","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404823001633","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 1

Abstract

As businesses have had to change how they operate due to the coronavirus pandemic, the need for remote work has risen. With the continuous advancements in technology and increases in typical job demands, employees need to increase their work productivity beyond regular work hours in the office. This type of work environment creates even more opportunities for security breaches due to employees intentionally violating information security policy violations. Although explicitly prohibited by information security policies (ISP), organizations have observed that employees bring critical data out of the office to complete their work responsibilities remotely. Consequently, developing a deeper understanding of how work pressure may influence employees to violate ISPs intentionally is crucial for organizations to protect their critical information better. Based upon the fraud triangle theory, this study proposes the opportunity to copy critical data, work pressure, and work completion justification as the primary motivational factors behind why employees copy critical company data to unsecured storage devices to work at home. A survey was conducted of 207 employees from a marketing research firm. The results suggest that opportunity, work pressure, and work completion justification are positively related to nonmalicious ISP violation intentions. Furthermore, the interaction effect between work completion justification and work pressure on the ISP violation intention is significant and positive. This study provides new insights into our understanding of the roles of work pressure and work completion justification on intentional nonmalicious ISP violation behaviors.

Abstract Image

查看原文本刊更多论文

工作压力和工作完成理由对非恶意信息安全政策故意违反意图的影响

由于冠状病毒大流行，企业不得不改变运营方式，对远程工作的需求增加了。随着技术的不断进步和典型工作需求的增加，员工需要在办公室正常工作时间之外提高工作效率。由于员工故意违反信息安全策略，这种类型的工作环境为安全漏洞创造了更多的机会。尽管信息安全政策（ISP）明确禁止，但各组织观察到，员工将关键数据带出办公室，以远程完成工作职责。因此，深入了解工作压力如何影响员工故意违反ISP，对于组织更好地保护其关键信息至关重要。基于欺诈三角理论，本研究提出，复制关键数据的机会、工作压力和工作完成理由是员工将关键公司数据复制到不安全的存储设备上在家工作的主要动机。对一家市场调查公司的207名员工进行了调查。结果表明，机会、工作压力和工作完成理由与非恶意ISP违规意图呈正相关。此外，工作完成理由和工作压力对ISP违规意图的交互作用是显著和积极的。本研究为我们理解工作压力和工作完成理由在故意非恶意ISP违规行为中的作用提供了新的见解。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.