Please use this identifier to cite or link to this item: http://hdl.handle.net/10125/50537

Security Circumvention: To Educate or To Enforce?

File Size Format  
paper0650.pdf 1.22 MB Adobe PDF View/Open

Item Summary

dc.contributor.author Dey, Debabrata
dc.contributor.author Ghoshal, Abhijeet
dc.contributor.author Lahiri, Atanu
dc.date.accessioned 2017-12-28T02:13:49Z
dc.date.available 2017-12-28T02:13:49Z
dc.date.issued 2018-01-03
dc.identifier.isbn 978-0-9981331-1-9
dc.identifier.uri http://hdl.handle.net/10125/50537
dc.description.abstract Deliberate circumvention of information systems security is a common behavioral pattern among users. It not only defeats the purpose of having the security controls in place, but can also go far beyond in terms of the total damage it can cause. An organization grappling with circumvention can try to (i) train its users, or (ii) take on enforcement measures, or adopt a combination of the two. In this work, we look at the trade-off between these two very different approaches towards circumvention and try to gain some insights about how an organization might wish to tackle this menace.
dc.format.extent 10 pages
dc.language.iso eng
dc.relation.ispartof Proceedings of the 51st Hawaii International Conference on System Sciences
dc.rights Attribution-NonCommercial-NoDerivatives 4.0 International
dc.rights.uri https://creativecommons.org/licenses/by-nc-nd/4.0/
dc.subject Strategy, Information, Technology, Economics, and Society (SITES)
dc.subject Circumvention, IT Security, monitoring, security control, training, work-around
dc.title Security Circumvention: To Educate or To Enforce?
dc.type Conference Paper
dc.type.dcmi Text
dc.identifier.doi 10.24251/HICSS.2018.648
Appears in Collections: Strategy, Information, Technology, Economics, and Society (SITES)


Please email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.

This item is licensed under a Creative Commons License Creative Commons