Workarounds as Means to Identify Insider Threats to Information Systems Security
Arduin, Pierre-Emmanuel; Vieru, Dargos (2017), Workarounds as Means to Identify Insider Threats to Information Systems Security, Proceedings of the Twenty-third Americas Conference on Information Systems, Boston, USA, August 10-12, Association for Information Systems
Type
Communication / ConférenceDate
2017Conference title
Association for Information SystemsConference date
2017-08Conference city
BostonConference country
United StatesBook title
Proceedings of the Twenty-third Americas Conference on Information Systems, Boston, USA, August 10-12Publisher
Association for Information Systems
Metadata
Show full item recordAbstract (EN)
Workarounds represent deliberate actions of employees in contrast with the prescribed practices and organizations generally perceive them as unwanted processes. Workarounds may lead to information systems (IS) security policy violations, notably when prescribed practices lead employees to face obstacles in accomplishing their daily tasks. Such behavior generates new insider threats to IS security. In this article, we adopt the view that workarounds may enable the identification of new security threats. We propose a conceptual model that illustrates how workarounds generating non-malicious security violations might constitute sources of knowledge about new security threats.Subjects / Keywords
Workarounds; Insider threat; Security policy; Non-malicious security violationRelated items
Showing items related by title and author.
-
(2017) Communication / Conférence
-
(2018) Ouvrage
-
(2014-11) Communication / Conférence
-
(2014) Communication / Conférence
-
(2013) Article accepté pour publication ou publié