The number of home computer users is increasing faster than ever. Home users’ security should be an important research topic in IS security research, not only from the perspective of protecting home users’ personal or work information on their home computers, but also because hijacked home computers have become an ideal breading ground for hackers attacking organizations, and distributing illegal or morally questionable material. Despite the importance of studying home users’ security behaviour, the primary focus of the behavioural IS security research has been on an organizational context. While this research at an organizational context is important, we argue that the “home users” context require more attention by scholars. While there are similarities between “home users’ IS security behaviour” and “employees’ compliance with IS security procedures at organizational context”, it is necessary to understand their differences, to allow research and practice on “home users security behaviour” to develop further. We argue that previous research has not paid attention to such differences. As a first step in remedying the gap in our understanding, we first theorise these differences, we consider, that there are at least nine contextual factors that may result in an individual’s behaviour inconsistency in the workplace and home, and because of this, we argue that the same theories may not explain the use of security features in home and organizational contexts. Based on this conceptualization, we present a research agenda for studying home users’ security behaviour.


home user, information security behaviour, contextual factors, individual’s behaviour inconsistency


ISBN: [978-1-86435-644-1]; Full paper