The amplification effects of procedural justice on a threat control model of information systems security behaviours

Organisations are increasingly impacted by employee failures to implement readily available systems security countermeasures that result in security lapses. An area where this is most intriguing is among those organisational members who know how to implement security measures but do not do so. Important suggestions have been made, but despite them, the problem continues, and even grows worse. Most of the research into these security behaviours have been either purely self-report perceptions (many with low response rates) or have consisted of theory and model building and testing. In addition, the extant research has concentrated on either individual or organisational factors. With our research, we were interested in addressing two literature gaps: (1) to determine how well perceptions of security behaviours translated into the world of practice, and (2) to understand the relationships between individual and organisational factors. Our study found that individual factors outlined in the threat control model amplified with high perceptions of organisational procedural justice on taking specified security countermeasures. Consequently, we make recommendations for research and practice.     

信息网络的威胁与防范策略

网络带给人们的便利之一就是信息共享,然而,与之俱来的是来自各方的信息安全威胁。本文从威胁的来源入手,分析威胁产生的原因,进而提出消除威胁的对策以实现网络的安全运行。     

The role of perceived organizational support,distributive justice and motivation in reactions to new information technology

Despite tremendous investments in information technology (IT), many technological interventions in organizations fail because employees do not fully accept and use IT. The present study explored how perceived organizational support and distributive justice affect employee reactions to new IT from a motivational point of view. Self-determination theory was used to understand how different motivational styles, varying in degree of self-determination, mediate the relationship of perceived organizational support and distributive justice with reactions to new IT. Results showed that perceived organizational support and distributive justice were associated with intrinsic and identified motivation to use the IT, but only POS was related to enjoyment and acceptance of the IT. Intrinsic and extrinsic motivation were both associated with IT usage, but IT usage was associated with enjoyment and acceptance only when people were intrinsically motivated. Intrinsic motivation also mediated the effects of POS on enjoyment and acceptance. Moreover, intrinsically motivated users were less likely to use a paper-based appointment booking alternative than those who were not. Implications for managing IT implementations are discussed.     

Exploring the effects of direct experience on IT use: An organizational field study

Empirical studies have investigated the effect of attitude and behavior on IT acceptance in organizations but yielded ambiguous results. Possibly they have not effectively accounted for the moderating effects of experience gained through direct interaction with the target technology. We examined the moderating effect of the length of direct experience on IT acceptance relationships and constructs. Using multi-group invariance analysis, we demonstrated that relationships between key IT acceptance constructs differed, depending on the user's experience. The incorporation of direct experience can lead to convergent results and contribute to further understanding of the process. We discuss some implications from the knowledge that IT use is a dynamic process and suggest that IT management must account for direct experience in their decision making.     

Information systems security policy compliance: An empirical study of the effects of socialisation,influence, and cognition

This study investigated employees’ information systems security policy (ISSP) compliance behavioural intentions in organisations from the theoretical lenses of social bonding, social influence, and cognitive processing. Given that previous research on ISSP compliance has been based on deterrence theory, this study seeks to augment and diversify research on ISSP compliance through its theoretical perspective. Relevant hypotheses were developed to test the research conceptualisation. Data from a survey of business managers and IS professionals confirmed that social bonds that are formed at work largely influence attitudes towards compliance and subjective norms, with both constructs positively affecting employees’ ISSP compliance. Employees’ locus of control and capabilities and competence related to IS security issues also affect ISSP compliance behavioural intentions. Overall, the constructs in the research model enhance our understanding of the social-organisational and psychological factors that might encourage or accentuate employees’ ISSP compliance in the workplace.     

Flamingos on a slackline: Companies' challenges of balancing the competing demands of handling customer information and privacy

Providers of online services are under increasing pressure to leverage the value inherent in customer data to remain competitive. At the same time, however, Internet users' privacy has become more and more subject to public debate, and companies must protect this privacy if they want to attract and retain customers. It seems that companies struggle to satisfy these competing demands, and neglecting either could have detrimental effects on their success. Different streams of research underline the importance of either privacy protection or the collection and use of customer information. But they remain largely silent about the resulting challenges that companies face. In this study, we address this gap by exploring how companies perceive and handle the tensions between their organizational information needs that necessitate some degree of privacy intrusion and their need to attract and retain customers, which requires privacy protection. We develop a grounded theory that explains how companies balance these opposing demands from an organizational perspective. More specifically, we identify four challenging tensions that define the conditions under which companies must operate. We find that companies try to achieve and maintain a state of balance in the presence of these tensions, and we discover three categories of tactics that help companies in their balancing acts. Our research contributes to a provider‐centric perspective on information privacy and uncovers the management of customer information and privacy as a new but important context in which organizational ambidexterity is required. We offer a detailed perspective on the specific challenges that companies face with respect to customer information and privacy, and our results can guide managers who have to deal with these challenges.     

Peers matter: The moderating role of social influence on information security policy compliance

Information security in an organization largely depends on employee compliance with information security policy (ISP). Previous studies have mainly explored the effects of command‐and‐control and self‐regulatory approaches on employee ISP compliance. However, how social influence at both individual and organizational levels impacts the effectiveness of these two approaches has not been adequately explored. This study proposes a social contingency model in which a rules‐oriented ethical climate (employee perception of a rules‐adherence environment) at the organizational level and susceptibility to interpersonal influence (employees observing common practices via peer interactions) at the individual level interact with both command‐and‐control and self‐regulatory approaches to affect ISP compliance. Using employee survey data, we found that these two social influence factors weaken the effects of both command‐and‐control and self‐regulatory approaches on ISP compliance. Theoretical and practical implications are also discussed.     

Predictors of students' participation in internet or computer tutoring for additional instruction and its effect on academic achievement

In recent years, it has become common to use the internet or computer tutoring with a programme or application for additional instruction (ICTPAAI), in addition to the mandatory school schedule. This study aimed to understand students' participation in ICTPAAI and its relation to academic achievement. Multilevel structural equation modelling was conducted on a sample comprising 6,425 Chinese students (M_age 15.72 years; 48.9% girls) who had various forms of additional instruction during the 2014/2015 school year. Results showed that the use of information and communication technology (ICT) to complete schoolwork, whether in school or outside of school, was positively associated with students' participation in ICTPAAI; however, students' ICT interest, ICT self-efficacy and ICT autonomy were not. Students' participation in ICTPAAI was negatively associated with their academic achievement at the end of the school year; much variance was explained at the school level. These findings suggest that students should be cautious about participating in this form of additional instruction and that schools play an important role in students' participation in ICTPAAI.     

Exploring the positive side of personal internet use at work: Does it help in managing the border between work and nonwork?

Many employees use the internet at work for personal reasons, and it has been suggested that this behavior can be understood as an attempt to manage the border between work and nonwork. Using data from 190 office workers, the study aims to test how well work/family border theory can explain personal internet use. The results only partly support work/family border theory, as only the amount of private demands and identification with work at work were significant predictors of personal internet use (which was found to be unrelated to work–nonwork balance). These findings suggest that work/family border theory offers only a limited perspective for the explanation of why people use the internet at work for personal business.     

The relationship of self-perception,personality and high school type with the level of problematic internet use in adolescents

As adolescents spend a substantial part of the day using internet, they constitute one of the risk groups for problematic internet use. The purpose of this study was to investigate the relationship between problematic internet use and the self-perception, personality type, gender of adolescents, and how these relationships varied depending on the type of high school the students attended. This study was conducted with 771 students studying at Anatolian high schools, science high schools, arts high schools, vocational high schools for girls, vocational technical high schools, trade vocational high schools, and common high schools in the city of Kars, Turkey. In this study, 433 (56.2%) of the participants were girls, while 338 (43.8%) were boys. The forms, scales and questionnaires administered during the study included the Personal Information Form, the Problematic Internet Use Scale, the Self-Perception Scale for Adolescents, and Eysenck's Personality Questionnaire. Data were analyzed using multiple linear regression analysis and the one way ANOVA test. The present study examined whether personality type (extraversion, neuroticism, lie and psychoticism), self-perception (romantic appeal, physical appearance, social acceptance/close friendship, behavioral conduct, athletic competence and job competence), gender, and duration of internet use can predict problematic internet use. Based on the study results, it was observed that gender, duration of internet use, lying type personality, neuroticism, psychoticism, romantic appeal, physical appearance and behavioral conduct were significant predictors of problematic internet use, while positive attributes such as extraversion, athletic competence, job competence, and social acceptance/close friendship were not. Moreover, it was determined that the type of high school led to significant differences with regards to problematic internet use among students, and that students at technical high school were more prone to problematic internet use.     

Predicting employee information security policy compliance on a daily basis: The interplay of security-related stress,emotions, and neutralization

We conceptualized security-related stress (SRS) and proposed a theoretical model linking SRS, discrete emotions, coping response, and information security policy (ISP) compliance. We used an experience sampling design, wherein 138 professionals completed surveys. We observed that SRS had a positive association with frustration and fatigue, and these negative emotions were associated with neutralization of ISP violations. Additionally, frustration and fatigue make employees more likely to follow through on their rationalizations of ISP violations by decreased ISP compliance. Our findings provide evidence that neutralization is not a completely stable phenomenon but can vary within individuals from one time point to another.     

企业信息安全现状与发展趋势分析

随着网络技术的不断发展，信息安全问题越发的突出，许多国家都从战略角度提升了信息安全的地位。文章通过对信息安全面临的威胁、信息安全理论、信息对抗等现状与趋势分析，为企业信息安全防护工作提出解决思路。     

Using multidimensional scaling and PLS-SEM to assess the relationships between personality traits,problematic internet use,and fear of missing out

ABSTRACT

Informed by the Compensatory Internet Use theory, this study was aimed at revealing possible links between adults’ personality traits, Fear of Missing Out (FoMO), and Problematic Internet Use (PIU). Given the exploratory nature of this study, two statistical techniques were used: Smallest Space Analysis (SSA, a variant of multidimensional scaling), and Partial Least Squares Structural Equation Modeling (PLS-SEM). Data were gathered from 359 adults, by three questionnaires: Fear of Missing Out scale (FoMOs), Short Problematic Internet Use Test (SPIUT), and the Big Five personality trait questionnaire. The SSA results yielded a radex projection. The projection has confirmed the five-factorial theoretical structure of the Big Five personality traits. In the SSA projection, the PIU was found in the extraversion area, the FoMO in the neuroticism area, and both PIU and FoMO factors were in close proximity to each other. Based on the SSA map and the theoretical framework, PLS-SEM was deployed to discover possible links between the research factors. According to the results, the FoMO variable had a mediating role, linking neuroticism to PIU. Limitations, conclusions, and directions for further research are discussed.     

The Next Generation Enterprise: A CIO Perspective on the Vision, its Impacts, and Implementation Challenges

This article presents a senior-executive perspective on the grand vision of a Next Generation Enterprise (NGE), its organizational and individual impacts, and the organizational and technological challenges associated with implementing this vision. It is based upon discussions that took place at a CIO Panel, consisting of nine senior executives from a wide cross section of organizations and organized during the Academia/Industry Working Conference on Research Challenges 2000 (AIWoRC '00 Conference) to address the central theme of the conference: The Next Generation Enterprise: Virtual Organizations and Mobile and Pervasive Technologies. The paper first presents theoretical notions about virtuality, virtual organizations, pervasive and mobile information technologies (PMITs), and authors' conceptualization of a prototypical NGE. This is followed by a synthesis and summary of the panel discussion under five major thematic areas: (1) the shaping of the emerging NGE vision as enabled by modern-day PMITs, (2) the significant organizational impacts and changes occasioned by the NGE vision, (3) the crucial impacts that the NGE model may have on individual work and personal lives, (4) the critical organizational issues and challenges in implementing the NGE vision, and (5) the major technological issues that, if left unattended, may hamper translation of the NGE vision into a reality. The paper concludes with remarks about the crucial requirements for making the NGE vision a reality.     

Exploring the effects of ICTs,workforce, and gender on capacity utilization

ABSTRACT

Information and communication technologies (ICTs) investments come with expectations of increased productivity, but results from ICT impact studies are mixed. We look at workforce characteristics and female participation in the workforce and management and ICTs as contexts to investigate their impact on capacity utilization. This was accomplished by using the Technology, Organization, and Environment framework and regression analysis. The results illustrate the importance of a stable and skilled workforce, capable of leveraging the existing infrastructure. In addition, the pursuit of international certifications, formal employee training, female participation, and other factors affect capacity utilization. From the research findings, we identified eight research hypotheses for future investigations.     

煤炭安全生产监控系统信息发布安全性研究

分析了煤矿安全生产监控信息发布系统的安全现状,指出了现有的各个安全生产监控系统生产厂家信息发布系统所存在的安全隐患。在分析了其安全隐患存在的原因后,提出了相应可行的解决方案。目前该方案已经在部分煤矿企业进行了应用推广,效果良好。     

Exploring the effects of trust,task interdependence and virtualness on knowledge sharing in teams

The sharing of knowledge within teams is critical to team functioning. However, working with team members who are in different locations (i.e. in virtual teams) may introduce communication challenges and reduce opportunities for rich interactions, potentially affecting knowledge sharing and its outcomes. Therefore, using questionnaire‐based data, this study examined the potential effects of different aspects of virtuality on a knowledge‐sharing model. Social exchange theory was used to develop a model relating trust to knowledge sharing and knowledge sharing to team effectiveness. The moderating effects of virtuality and task interdependence on these relationships were examined. A strong positive relationship was found between trust and knowledge sharing for all types of teams (local, hybrid and distributed), but the relationship was stronger when task interdependence was low, supporting the position that trust is more critical in weak structural situations. Knowledge sharing was positively associated with team effectiveness outcomes; however, this relationship was moderated by team imbalance and hybrid structures, such that the relationship between sharing and effectiveness was weaker. Organizations should therefore avoid creating unbalanced or hybrid virtual teams.     

数字鉴别与认证课程教学的几点看法

从数字鉴别与认证教学的实际出发,阐述数字鉴别与认证课程的学习目的、学习内容,并对教学过程中的教学方法和教学经验进行了一些有益的探索。教学实践表明本文采用的教学内容、教学方法取得了良好的教学效果。     

勘察设计企业电子文档安全体系建设探讨

着重从企业IT架构的网络层、系统层和应用层三个层面探讨勘察设计企业电子文档安全保护的系统化解决思路,涉及防病毒、内核加固、网闸、电子文件加密和认证、上网行为管理、客户端桌面管理、存储和备份等七个方面的内容。     

The Impact of Company,Subject, and System Characteristics on the Trust Factors Affecting the Adoption of Internet-based Interorganizational Systems

An empirical study was conducted in Hong Kong to investigate perceptions regarding the impact of company, subject, and system characteristics on trust factors affecting the adoption of internet-based interorganizational systems (IIOSs). Data were collected from 295 practitioners and analyzed using t-tests and one-way ANOVA. This study confirms that company size affects views regarding the importance of trust factors to the adoption of IIOSs. Thus, practitioners should focus on company size during the adoption of IIOSs.