Privilege or procedure: Evaluating the effect of employee status on intent to comply with socially interactive information security threats and controls

被引:18
作者
Aurigemma, Salvatore [1 ]
Mattson, Thomas [2 ]
机构
[1] Univ Tulsa, 800 S Tucker Dr, Tulsa, OK 74104 USA
[2] Univ Richmond, 28 Westhampton Way, Richmond, VA 23173 USA
关键词
Theory of planned behavior; Information security policies; Status; Tailgating; Decomposition of perceived behavioral control; Self-efficacy; Controllability; Hierarchical organizations; PROTECTION MOTIVATION; POLICY COMPLIANCE; PLANNED BEHAVIOR; SYSTEMS SECURITY; STATUS HIERARCHIES; SELF-EFFICACY; FIT INDEXES; CULTURE; POWER; DETERRENCE;
D O I
10.1016/j.cose.2017.02.006
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Existing information security literature does not account for an employee's status (hierarchical relationship (rank order) among employees) within the organizational chain of command when theorizing about his/her information security policy compliance behaviors and behavioral intentions. We argue that this is a potentially important theoretical gap specifically concerning socially interactive threats and controls within hierarchical organizations, because an individual's status within these types of social structures impacts his/her capacity to control another person's resources, behaviors, and outcomes. In this paper, we investigate the main and moderating effect of an employee's status within the organizational hierarchy on an individual's perceived behavioral control related to interactive security threats and controls, specifically tailgating (i.e., the act of gaining access to a restricted area by following someone who has legitimate access). In a survey of Department of Defense employees, we find that the effect of status on perceived behavioral control over tailgating behaviors is positive for employees who report average and above average levels of controllability of coworkers but negative for employees who report below average levels of controllability of coworkers. Our paper has both theoretical and practical value for socially interactive security behaviors within hierarchical organizations with respected levels of command and control. (C) 2017 Elsevier Ltd. All rights reserved.
引用
收藏
页码:218 / 234
页数:17
相关论文
共 103 条
  • [81] Common method biases in behavioral research: A critical review of the literature and recommended remedies
    Podsakoff, PM
    MacKenzie, SB
    Lee, JY
    Podsakoff, NP
    [J]. JOURNAL OF APPLIED PSYCHOLOGY, 2003, 88 (05) : 879 - 903
  • [82] Ramachandran S, 2013, COMMUN ASSOC INF SYS, V33, P163
  • [83] Status and stratification processes in organizational life
    Ravlin, EC
    Thomas, DC
    [J]. JOURNAL OF MANAGEMENT, 2005, 31 (06) : 966 - 987
  • [84] Understanding it adoption decisions in small business: integrating current theories
    Riemenschneider, CK
    Harrison, DA
    Mykytyn, PP
    [J]. INFORMATION & MANAGEMENT, 2003, 40 (04) : 269 - 285
  • [85] Ritchey D., 2015, SECURITY, V52, P1
  • [86] Organisational security culture: Extending the end-user perspective
    Ruighaver, A. B.
    Maynard, S. B.
    Chang, S.
    [J]. COMPUTERS & SECURITY, 2007, 26 (01) : 56 - 62
  • [87] Information security conscious care behaviour formation in organizations
    Safa, Nader Sohrabi
    Sookhak, Mehdi
    Von Solms, Rossouw
    Furnell, Steven
    Ghani, Norjihan Abdul
    Herawan, Tutut
    [J]. COMPUTERS & SECURITY, 2015, 53 : 65 - 78
  • [88] Status: Insights from Organizational Sociology
    Sauder, Michael
    Lynn, Freda
    Podolny, Joel M.
    [J]. ANNUAL REVIEW OF SOCIOLOGY, VOL 38, 2012, 38 : 267 - 283
  • [89] Schein EH, 2012, EUR J DEV PSYCHOL, V9, P486
  • [90] Status Hierarchies and the Organization of Collective Action
    Simpson, Brent
    Willer, Robb
    Ridgeway, Cecilia L.
    [J]. SOCIOLOGICAL THEORY, 2012, 30 (03) : 149 - 166