Start Date

10-12-2017 12:00 AM

Description

Non-compliant employees continue to pose a serious threat to information systems security. Most attempts to increase compliant behavior rely on measures that reduce employees’ latitude. However, recent studies suggest that this indeed eventuates in less compliance due to adverse behaviors of frustrated or stressed employees. In this study, we propose a novel approach where increased latitude –by means of permitting BYOx–increases the intention to comply. In order to do so, we first construct a theoretical model that links BYOx with empowerment and abuse intention. Subsequently, we run a feasibility study to assess our experimental design and the general feasibility of our propositions. The results suggest that psychological empowerment can indeed be manipulated with vignettes, and that changes in empowerment influence individuals’ abuse intentions. Based on such initial promising results, we outline how this novel approach to improve IS security compliance can be developed and investigated further.

Share

COinS
 
Dec 10th, 12:00 AM

Empowerment and BYOx: Towards Improved IS Security Compliance

Non-compliant employees continue to pose a serious threat to information systems security. Most attempts to increase compliant behavior rely on measures that reduce employees’ latitude. However, recent studies suggest that this indeed eventuates in less compliance due to adverse behaviors of frustrated or stressed employees. In this study, we propose a novel approach where increased latitude –by means of permitting BYOx–increases the intention to comply. In order to do so, we first construct a theoretical model that links BYOx with empowerment and abuse intention. Subsequently, we run a feasibility study to assess our experimental design and the general feasibility of our propositions. The results suggest that psychological empowerment can indeed be manipulated with vignettes, and that changes in empowerment influence individuals’ abuse intentions. Based on such initial promising results, we outline how this novel approach to improve IS security compliance can be developed and investigated further.