Factors affecting user experience with security features: A case study of an academic institution in Namibia

The widespread use of personal computers and other devices based on Information and Communication Technology (ICT) for networking and communication via the Internet exposes the end users to cybercriminals. Security systems and security features that interact with users via alerts, dialogue boxes and action buttons (such as update notices and other warnings) are embedded in operating systems and application programs in order to protect electronic information. Human behaviour and attitudes towards security features determine the user experience during the implementation of Information Security. Cyber criminals are primarily targeting the human aspect of security, since end users are easier to manipulate. In order to effectively secure information, the fields of Usable security and User experience should be integrated in the design and use of security features. This paper presents the findings of an online survey carried out to investigate attitudes towards, behaviour with and experience of embedded security features among members of staff in a tertiary education institution. User experience was measured by enumerating general security awareness, policy awareness and implementation, as well as user behaviour and emotions associated with security interaction. This paper reports on the findings of this survey. The researchers envisage that the findings can lead to the practical development and implementation of a framework for secure user experience.