Conference ProceedingsOPEN ACCESS

Security circumvention: To educate or to enforce?

Proceedings of the Annual Hawaii International Conference on System Sciences (2018) 2018-January 5195-5204
DOI: 10.24251/hicss.2018.648
2Citations
Citations of this article
10Readers
Mendeley users who have this article in their library.

Abstract

Deliberate circumvention of information systems security is a common behavioral pattern among users. It not only defeats the purpose of having the security controls in place, but can also go far beyond in terms of the total damage it can cause. An organization grappling with circumvention can try to (i) train its users, or (ii) take on enforcement measures, or adopt a combination of the two. In this work, we look at the trade-off between these two very different approaches towards circumvention and try to gain some insights about how an organization might wish to tackle this menace.

Author supplied keywords

Cite

CITATION STYLE

APA

Dey, D., Ghoshal, A., & Lahiri, A. (2018). Security circumvention: To educate or to enforce? In Proceedings of the Annual Hawaii International Conference on System Sciences (Vol. 2018-January, pp. 5195–5204). IEEE Computer Society. https://doi.org/10.24251/hicss.2018.648

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free