Computer user security: A model facilitating measurement

by Appunn, Frank D., Ph.D., CAPELLA UNIVERSITY, 2008, 195 pages; 3304130

Abstract:

Computer user security considers the actions of computer users in supporting or thwarting computer security. This research considered computer users that were employees or other workers that acted like fulltime employees of organizations. Most security failures had some link to users; despite the best technical products and plans, one could not overcome user risks. It was therefore important to know the status of computer user security, changes in this area over time, and comparative levels between areas. There appeared to be no objective method to measure the computer security abilities of a group of users in an organization. Little agreement was evident on what constituted user security with over one hundred different descriptive words used in formal literature. A further problem was that important terms like awareness had numerous and even opposing definitions. This research aimed to create a strong theoretical model based on an extensive review of the literature. Next, it evaluated the viability of the model using quantitative methods including surveys and partial least squares (PLS) statistical analysis. The research emulated and extended UTAUT by Venkatesh, Morris, Davis, and Davis who published the model as "User Acceptance of Information Technology: Toward a Unified View" in MISQ, 2003. Finally, this research extended findings to practical measurement. The outcome found support for the new model, but indicated that security technology usage had external influences that limited the relevance of UTAUT. The measurement system identified specific facets and locations that were either strong or weak. Included in the sample data were two apparent anomalies that later proved to have been accurate detection and measurement by the new system. This exploratory research created a basis that promoted the ability for organizations to objectively comply with legal reporting requirements, identify weaknesses in the most serious security areas, isolated specific locations needing improvement, and allowed for efficient budget allocations. The judgment of remediation efficacy was a further anticipated benefit.

AdviserMargarita Rovira
SchoolCAPELLA UNIVERSITY
Source TypeDissertation
SubjectsManagement; Information science
Publication Number3304130

About ProQuest Dissertations & Theses
With nearly 4 million records, the ProQuest Dissertations & Theses (PQDT) Global database is the most comprehensive collection of dissertations and theses in the world. It is the database of record for graduate research.

PQDT Global combines content from a range of the world's premier universities - from the Ivy League to the Russell Group. Of the nearly 4 million graduate works included in the database, ProQuest offers more than 2.5 million in full text formats. Of those, over 1.7 million are available in PDF format. More than 90,000 dissertations and theses are added to the database each year.

If you have questions, please feel free to visit the ProQuest Web site - http://www.proquest.com - or contact ProQuest Support.