当前位置:
X-MOL 学术
›
Journal of Enterprise Information Management
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
From hindrance to challenge
Journal of Enterprise Information Management ( IF 5.661 ) Pub Date : 2019-09-23 , DOI: 10.1108/jeim-01-2019-0018 Ying Li , Ting Pan , Nan (Andy) Zhang
Journal of Enterprise Information Management ( IF 5.661 ) Pub Date : 2019-09-23 , DOI: 10.1108/jeim-01-2019-0018 Ying Li , Ting Pan , Nan (Andy) Zhang
This paper is to investigate how employees respond to information security policies (ISPs) when they view the policies as a challenge rather than a hindrance to work. Specifically, the authors examine the roles of challenge security demands (i.e. continuity and mandatory) and psychological resources (i.e. personal and job resources) in influencing employees’ ISP non-compliance.,Applying a hypothetical scenario-based survey method, the authors tested our proposed model in six typical ISPs violation scenarios. In sum, 347 responses were collected from a global company. The data were analyzed using partial least square-based structural equation model.,Findings indicated that continuity and mandatory demands increased employees’ level of perseverance of effort, which, in turn, decreased their ISPs non-compliance intention. In addition, job resources, such as the trust enhancement gained from co-workers and the opportunities for professional development, enhanced the perseverance of effort.,The findings offer implications to practice by suggesting that organizations should design training programs to persuade employees to understand the ISPs in a positive way. Meanwhile, organizations should encourage employees to invest more personal resources by creating a trusting atmosphere and providing them opportunities to learn security knowledge and skills.,This study is among the few to empirically explore how employees respond and behave when they view the security policies as challenge stressors. The paper also provides a novel understanding of how psychological resources contribute to buffering ISP non-compliance.
中文翻译:
从障碍到挑战
本文旨在研究员工将信息安全策略(ISP)视为挑战而非工作障碍时如何应对信息安全策略。具体来说,作者研究了挑战性安全需求(即连续性和强制性)和心理资源(即个人和工作资源)在影响员工ISP不遵守要求中的作用。在六个典型的ISP违规情形中提出了该模型。总计,从一家全球公司收集了347个回复。使用基于偏最小二乘的结构方程模型对数据进行了分析。结果表明,连续性和强制性要求提高了员工的毅力水平,从而降低了他们的ISP违规意图。另外,工作资源 例如,从同事那里获得的信任增强和专业发展的机会,增强了努力的毅力。研究结果建议组织应设计培训计划,以说服员工以积极的方式理解ISP,从而对实践产生影响。同时,组织应鼓励员工建立信任的氛围,并为他们提供学习安全知识和技能的机会,以鼓励他们投入更多的个人资源。该研究是少数通过经验探索员工将安全策略视为挑战时如何应对和行为的研究之一压力源。本文还提供了关于心理资源如何有助于缓解ISP不合规的新颖理解。
更新日期:2019-09-23
中文翻译:
从障碍到挑战
本文旨在研究员工将信息安全策略(ISP)视为挑战而非工作障碍时如何应对信息安全策略。具体来说,作者研究了挑战性安全需求(即连续性和强制性)和心理资源(即个人和工作资源)在影响员工ISP不遵守要求中的作用。在六个典型的ISP违规情形中提出了该模型。总计,从一家全球公司收集了347个回复。使用基于偏最小二乘的结构方程模型对数据进行了分析。结果表明,连续性和强制性要求提高了员工的毅力水平,从而降低了他们的ISP违规意图。另外,工作资源 例如,从同事那里获得的信任增强和专业发展的机会,增强了努力的毅力。研究结果建议组织应设计培训计划,以说服员工以积极的方式理解ISP,从而对实践产生影响。同时,组织应鼓励员工建立信任的氛围,并为他们提供学习安全知识和技能的机会,以鼓励他们投入更多的个人资源。该研究是少数通过经验探索员工将安全策略视为挑战时如何应对和行为的研究之一压力源。本文还提供了关于心理资源如何有助于缓解ISP不合规的新颖理解。
京公网安备 11010802027423号