Workarounds as Means to Identify Insider Threats to Information Systems Security
Arduin, Pierre-Emmanuel; Vieru, Dargos (2017), Workarounds as Means to Identify Insider Threats to Information Systems Security, Proceedings of the Twenty-third Americas Conference on Information Systems, Boston, USA, August 10-12, Association for Information Systems
TypeCommunication / Conférence
Conference titleAssociation for Information Systems
Conference countryUnited States
Book titleProceedings of the Twenty-third Americas Conference on Information Systems, Boston, USA, August 10-12
MetadataShow full item record
Abstract (EN)Workarounds represent deliberate actions of employees in contrast with the prescribed practices and organizations generally perceive them as unwanted processes. Workarounds may lead to information systems (IS) security policy violations, notably when prescribed practices lead employees to face obstacles in accomplishing their daily tasks. Such behavior generates new insider threats to IS security. In this article, we adopt the view that workarounds may enable the identification of new security threats. We propose a conceptual model that illustrates how workarounds generating non-malicious security violations might constitute sources of knowledge about new security threats.
Subjects / KeywordsWorkarounds; Insider threat; Security policy; Non-malicious security violation
Showing items related by title and author.
Sharing Knowledge in a Shared Services Center Context: An Explanatory Case Study of the Dialectics of Formal and Informal Practices Vieru, Dargos; Arduin, Pierre-Emmanuel (2016) Communication / Conférence
Innovative Solutions for Information and Knowledge Systems Security : A Total Quality Management Perspective Arduin, Pierre-Emmanuel; Kabèche, Doudja; Sali, Mustapha (2017) Communication / Conférence