促进远程工作环境中的安全行为:塑造信息安全政策合规性的个人价值观

IF 5 3区 管理学 Q1 INFORMATION SCIENCE & LIBRARY SCIENCE
Carlos I. Torres, Robert E. Crossler
{"title":"促进远程工作环境中的安全行为:塑造信息安全政策合规性的个人价值观","authors":"Carlos I. Torres, Robert E. Crossler","doi":"10.1287/isre.2021.0563","DOIUrl":null,"url":null,"abstract":"Organizations worldwide face critical concerns related to cybersecurity threats and information security policy (ISP) compliance. Even though humans are the weakest link in the cybersecurity chain, information security professionals understand the importance of promoting individual information security behaviors because employees are also the first line of defense against ever-increasing cyber threats. Despite a recent trend of working from home, organizations do not make significant differences in their information security interventions for remote workers, relying mainly on VPNs as the only used tool, essentially making employees follow in-office standard information security policies because they are “virtually in-office.” Our study suggests that organizations need to recognize the unique context of remote work and consider personal motivations when shaping information security practices. Furthermore, our study indicates that in order to motivate remote employees to follow secure information security practices, organizations should consider personal characteristics instead of focusing on generic interventions. For instance, our study compares onsite and remote workers, suggesting that personal values are more relevant in remote work settings. Our findings exemplify just one of the many potential personal characteristics to be considered, highlighting how personal values are important motivators for ISP compliance and how they differ for onsite and remote workers in their importance when following information security rules.","PeriodicalId":48411,"journal":{"name":"Information Systems Research","volume":"26 1","pages":""},"PeriodicalIF":5.0000,"publicationDate":"2024-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Promoting Security Behaviors in Remote Work Environments: Personal Values Shaping Information Security Policy Compliance\",\"authors\":\"Carlos I. Torres, Robert E. Crossler\",\"doi\":\"10.1287/isre.2021.0563\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Organizations worldwide face critical concerns related to cybersecurity threats and information security policy (ISP) compliance. Even though humans are the weakest link in the cybersecurity chain, information security professionals understand the importance of promoting individual information security behaviors because employees are also the first line of defense against ever-increasing cyber threats. Despite a recent trend of working from home, organizations do not make significant differences in their information security interventions for remote workers, relying mainly on VPNs as the only used tool, essentially making employees follow in-office standard information security policies because they are “virtually in-office.” Our study suggests that organizations need to recognize the unique context of remote work and consider personal motivations when shaping information security practices. Furthermore, our study indicates that in order to motivate remote employees to follow secure information security practices, organizations should consider personal characteristics instead of focusing on generic interventions. For instance, our study compares onsite and remote workers, suggesting that personal values are more relevant in remote work settings. Our findings exemplify just one of the many potential personal characteristics to be considered, highlighting how personal values are important motivators for ISP compliance and how they differ for onsite and remote workers in their importance when following information security rules.\",\"PeriodicalId\":48411,\"journal\":{\"name\":\"Information Systems Research\",\"volume\":\"26 1\",\"pages\":\"\"},\"PeriodicalIF\":5.0000,\"publicationDate\":\"2024-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Information Systems Research\",\"FirstCategoryId\":\"91\",\"ListUrlMain\":\"https://doi.org/10.1287/isre.2021.0563\",\"RegionNum\":3,\"RegionCategory\":\"管理学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"INFORMATION SCIENCE & LIBRARY SCIENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information Systems Research","FirstCategoryId":"91","ListUrlMain":"https://doi.org/10.1287/isre.2021.0563","RegionNum":3,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"INFORMATION SCIENCE & LIBRARY SCIENCE","Score":null,"Total":0}
引用次数: 0

摘要

全球各组织都面临着与网络安全威胁和信息安全政策(ISP)合规性相关的重大问题。尽管人类是网络安全链中最薄弱的一环,但信息安全专业人员深知促进个人信息安全行为的重要性,因为员工也是抵御日益增长的网络威胁的第一道防线。尽管近来出现了在家办公的趋势,但企业对远程员工的信息安全干预措施并没有明显的区别,主要依赖 VPN 作为唯一使用的工具,实质上是让员工遵循办公室内的标准信息安全政策,因为他们 "实际上是在办公室内"。我们的研究表明,组织需要认识到远程工作的独特环境,并在制定信息安全措施时考虑个人动机。此外,我们的研究还表明,为了激励远程员工遵循安全的信息安全实践,组织应考虑个人特点,而不是专注于一般的干预措施。例如,我们的研究对现场员工和远程员工进行了比较,结果表明,在远程工作环境中,个人价值观更为重要。我们的研究结果只是众多潜在个人特征中的一个例子,它强调了个人价值观如何成为遵守信息安全计划的重要激励因素,以及在遵守信息安全规则时,个人价值观对现场和远程员工的重要性有何不同。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Promoting Security Behaviors in Remote Work Environments: Personal Values Shaping Information Security Policy Compliance
Organizations worldwide face critical concerns related to cybersecurity threats and information security policy (ISP) compliance. Even though humans are the weakest link in the cybersecurity chain, information security professionals understand the importance of promoting individual information security behaviors because employees are also the first line of defense against ever-increasing cyber threats. Despite a recent trend of working from home, organizations do not make significant differences in their information security interventions for remote workers, relying mainly on VPNs as the only used tool, essentially making employees follow in-office standard information security policies because they are “virtually in-office.” Our study suggests that organizations need to recognize the unique context of remote work and consider personal motivations when shaping information security practices. Furthermore, our study indicates that in order to motivate remote employees to follow secure information security practices, organizations should consider personal characteristics instead of focusing on generic interventions. For instance, our study compares onsite and remote workers, suggesting that personal values are more relevant in remote work settings. Our findings exemplify just one of the many potential personal characteristics to be considered, highlighting how personal values are important motivators for ISP compliance and how they differ for onsite and remote workers in their importance when following information security rules.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
CiteScore
9.10
自引率
8.20%
发文量
120
期刊介绍: ISR (Information Systems Research) is a journal of INFORMS, the Institute for Operations Research and the Management Sciences. Information Systems Research is a leading international journal of theory, research, and intellectual development, focused on information systems in organizations, institutions, the economy, and society.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信