Workarounds and trade-offs in information security – an exploratory study

Purpose The purpose of this paper is to investigate relationships between workarounds (solutions to handling trade-offs between competing or misaligned goals and gaps in policies and procedures), perceived trade-offs, information security (IS) policy compliance, IS expertise/knowledge and IS demands. Design/methodology/approach The research purpose is addressed using survey data from a nationwide sample of Swedish white-collar workers (N = 156). Findings Responses reinforce the notion that workarounds partly are something different from IS policy compliance and that workarounds-as-improvisations are used more frequently by employees that see more conflicts between IS and other goals (r = 0.351), and have more IS expertise/knowledge (r = 0.257). Workarounds-as-non-compliance are also used more frequently when IS trade-offs are perceived (r = 0.536). These trade-offs are perceived more by people working in organizations that handle information with high security demands (r = 0.265) and those who perform tasks with high IS demands (r = 0.178). Originality/value IS policies are an important part of IS governance. They describe the procedures that are supposed to provide IS. Researchers have primarily investigated how employees’ compliance with IS policies can be predicted and explained. There has been an increased interest in how tradeoffs and conflicts between following policies and other goals lead employees to make workarounds. Workarounds may leave management unaware of how work actually is done within the organization and may besides getting work done lead to new vulnerabilities. This study furthers the understanding of workarounds and trade-offs, which should be subject to further research.

Download Full-text

What does work mean to your workers?

Human Resource Management International Digest ◽

10.1108/hrmid-05-2017-0082 ◽

2017 ◽

Vol 25 (5) ◽

pp. 15-17

Keyword(s):

Design Methodology ◽

White Collar Crime ◽

White Collar ◽

Blue Collar ◽

Content Type ◽

Blue Collar Workers ◽

White Collar Workers ◽

Pertinent Information ◽

Hr Managers ◽

Practical Implications

Purpose This paper aims to review the latest management developments across the globe and pinpoint practical implications from cutting-edge research and case studies. Design/methodology/approach This briefing is prepared by an independent writer who adds their own impartial comments and places the articles in context. Findings Talk of blue-collar and white-collar workers will seem faintly outdated for many HR managers. For some, blue-collar workers will conjure up images from the 1970s and 1980s of striking mineworkers, some of the terrible conditions in steel works or in car factories in the pre-robot era. And as for white-collar workers, again this term seems a little anachronistic, albeit it has recently been adopted when referring to computerized “white-collar” crime. And as for pink-collar workers, this surely was left for dead in the 1970s along with bell-bottom flares and male perms. Practical implications The paper provides strategic insights and practical thinking that have influenced some of the world’s leading organizations. Originality/value The briefing saves busy executives and researchers hours of reading time by selecting only the very best, most pertinent information and presenting it in a condensed and easy-to-digest format.

Download Full-text

Will artificial intelligence usurp white collar jobs?

Human Resource Management International Digest ◽

10.1108/hrmid-11-2016-0152 ◽

2017 ◽

Vol 25 (3) ◽

pp. 1-3 ◽

Cited By ~ 7

Author(s):

John Chelliah

Keyword(s):

Artificial Intelligence ◽

Expert Opinion ◽

Design Methodology ◽

White Collar ◽

Social Implications ◽

Content Type ◽

White Collar Workers ◽

Practical Implications

Purpose This paper highlights the risks faced by white-collar workers resulting from advances in artificial intelligence (AI). Design/methodology/approach This paper explores recent research and expert opinion on the evolution of AI and its encroachment on white-collar jobs. Findings This paper reveals susceptibility of white-collar jobs to AI. Practical implications This paper guides HR practitioners in advising management on the possible deployment of AI to enhance productivity and the resultant impact in the roles that employees perform. Social implications This study draws attention to the risks associated with the deployment of AI and as a consequence the loss of white-collar jobs. Originality/value This study raises the issue of how AI could disrupt the workplace by usurping white-collar jobs and creates awareness of the need for people in vulnerable white-collar jobs to re-think their careers and for HR practitioners to manage the change that this disruption will bring.

Download Full-text

Perceptions of organizational culture and value conflicts in information security management

Information and Computer Security ◽

10.1108/ics-08-2017-0058 ◽

2018 ◽

Vol 26 (2) ◽

pp. 213-229 ◽

Cited By ~ 2

Author(s):

Martin Karlsson ◽

Thomas Denk ◽

Joachim Åström

Keyword(s):

Organizational Culture ◽

Information Security ◽

White Collar ◽

Organizational Values ◽

Explanatory Models ◽

Value Conflicts ◽

Content Type ◽

Two Samples ◽

White Collar Workers ◽

Business Sectors

Purpose The purpose of this paper is to investigate the occurrence of value conflicts between information security and other organizational values among white-collar workers. Further, analyzes are conducted of the relationship between white-collar workers’ perceptions of the culture of their organizations and value conflicts involving information security. Design/methodology/approach Descriptive analyses and regression analyses were conducted on survey data gathered among two samples of white-collar workers in Sweden. Findings Value conflicts regarding information security occur regularly among white-collar workers in the private and public sectors and within different business sectors. Variations in their occurrence can be understood partly as a function of employees’ work situations and the sensitivity of the information handled in the organization. Regarding how perceived organizational culture affects the occurrence of value conflicts, multivariate regression analysis reveals that employees who perceive their organizations as having externally oriented, flexible cultures experience value conflicts more often. Research limitations/implications The relatively low share of explained variance in the explanatory models indicates the need to identify alternative explanations of the occurrence of value conflicts regarding information security. Practical implications Information security managers need to recognize that value conflicts occur regularly among white-collar workers in different business sectors, more often among workers in organizations that handle sensitive information, and most often among white-collar workers who perceive the cultures of their organizations as being externally oriented and flexible. Originality/value The study addresses a gap in the information security literature by contributing to the understanding of value conflicts between information security and other organizational values. This study has mapped the occurrence of value conflicts regarding information security among white-collar professionals and shows that the occurrence of value conflicts is associated with work situation, information sensitivity and perceived organizational culture.

Download Full-text

Value conflicts and non-compliance

Information and Computer Security ◽

10.1108/ics-08-2017-0057 ◽

2018 ◽

Vol 26 (2) ◽

pp. 246-258 ◽

Cited By ~ 3

Author(s):

Joakim Berndtsson ◽

Peter Johansson ◽

Martin Karlsson

Keyword(s):

Information Security ◽

Strong Support ◽

White Collar ◽

Value Conflicts ◽

Public And Private ◽

Content Type ◽

Security Research ◽

Public Sector Employees ◽

White Collar Workers ◽

Private And Public

Purpose The purpose of the study is to explore potential value conflicts between information security work and whistleblowing activities by analysing attitudes to whistleblowing among white-collar workers in Swedish organisations. Design/methodology/approach The study is conducted using survey data among (n = 674) Swedish white-collar workers. Statistical analyses are conducted to explore variations in acceptance of whistleblowing and analyse the relationship between acceptance for whistleblowing and information security attitudes and behaviours. Findings The study finds strong support for whistleblowing in both public and private spheres, and by both private and public sector employees. The study also finds stronger acceptance for intra-organisational whistleblowing, while support for external whistleblowing is low. Finally, the study shows that the whistleblowing activities might be perceived as coming in conflict with information security work, even as the support for including whistleblowing functions in information security practices is high. Research limitations/implications With a focus on one country, the study is limited in terms of empirical scope. It is also limited by a relatively small number of respondents and survey items relating to whistleblowing, which in turn affects its explanatory value. However, the study does provide unique new insight into a specific form of “non-compliance”, i.e. whistleblowing, which merits further investigation. Originality/value Few studies exist that combine insights from the fields of whistleblowing and information security research. Thus, this study provides a basis for further investigation into attitudes and behaviours linked to whistleblowing in public and private organisations, as well as attendant value conflicts related to information security management and practice.

Download Full-text

Characteristics of financial crime investigation reports by fraud examiners

Journal of Investment Compliance ◽

10.1108/joic-04-2014-0014 ◽

2014 ◽

Vol 15 (4) ◽

pp. 57-66 ◽

Cited By ~ 4

Author(s):

Petter Gottschalk

Keyword(s):

Empirical Study ◽

Exploratory Study ◽

Design Methodology ◽

Empirical Studies ◽

White Collar ◽

Financial Crime ◽

Public Prosecution ◽

Content Type ◽

Police Investigation ◽

Crime Investigation

Purpose – The purpose of this paper is to present results from an exploratory study of private investigations by fraud examiners in Norway. The activity of private investigations by fraud examiners is a business of lawyers, auditors and other professionals who investigate suspicions of financial crime by white-collar criminals. Design/methodology/approach – This article presents results from an empirical study of investigation reports. Findings – The available sample consists of 21 reports produced mostly by auditing firms such as PwC. Suspicion of financial crime led to police investigation, public prosecution and jail sentence in two cases. Originality/value – Empirical studies of private investigations are rare.

Download Full-text

OCIE issues risk alert on the most frequently identified advisory fee and expense compliance issues

Journal of Investment Compliance ◽

10.1108/joic-06-2018-0046 ◽

2018 ◽

Vol 19 (4) ◽

pp. 1-3

Author(s):

Robert Van Grover

Keyword(s):

Design Methodology ◽

Best Practice ◽

Investment Management ◽

Content Type ◽

Informed Decisions ◽

Policies And Procedures ◽

The Us ◽

Investment Advisers ◽

Practical Implications

Purpose To summarize and interpret a Risk Alert issued on April 12, 2018 by the US SEC’s Office of Compliance Inspections and Examinations (OCIE) on the most frequent advisory fee and expense compliance issues identified in recent examinations of investment advisers. Design/methodology/approach Summarizes deficiencies identified by the OCIE staff pertaining to advisory fees and expenses in the following categories: fee billing based on incorrect account valuations, billing fees in advance or with improper frequency, applying incorrect fee rates, omitting rebates and applying discounts incorrectly, disclosure issues involving advisory fees, and adviser expense misallocations. Findings In the Risk Alert, OCIE staff emphasized the importance of disclosures regarding advisory fees and expenses to the ability of clients to make informed decisions, including whether or not to engage or retain an adviser. Practical implications In light of the issues identified in the Risk Alert, advisers should assess the accuracy of disclosures and adequacy of policies and procedures regarding advisory fee billing and expenses. As a matter of best practice, advisers should implement periodic forensic reviews of billing practices to identify and correct issues relating to fee billing and expenses. Originality/value Expert guidance from experienced investment management lawyer.

Download Full-text

Digital forensics and evolving cyber law: case of BIMSTEC countries

Journal of Money Laundering Control ◽

10.1108/jmlc-02-2019-0019 ◽

2019 ◽

Vol 22 (4) ◽

pp. 744-752

Author(s):

Sisira Dharmasri Jayasekara ◽

Iroshini Abeysekara

Keyword(s):

Information Technology ◽

Design Methodology ◽

Digital Forensics ◽

Content Type ◽

Global Context ◽

Study Approach ◽

Legal Frameworks ◽

Work Done

Purpose The purpose of this paper is to discuss the role of digital forensics in an evolving environment of cyber laws giving attention to Bay of Bengal Initiative for Multi-Sectoral Technical and Economic Cooperation (BIMSTEC) countries, comprising Bangladesh, India, Myanmar, Sri Lanka, Thailand, Nepal and Bhutan, in a dynamic global context. Design/methodology/approach This study uses a case study approach to discuss the digital forensics and cyber laws of BIMSTEC countries. The objective of the study was expected to be achieved by referring to decided cases in different jurisdictions. Cyber laws of BIMSTEC countries were studied for the purpose of this study. Findings The analysis revealed that BIMSTEC countries are required to amend legislation to support the growth of information technology. Most of the legislation are 10-15 years old and have not been amended to resolve issues on cyber jurisdictions. Research limitations/implications This study was limited to the members of the BIMSTEC. Originality/value This paper is an original work done by the authors who have discussed the issues of conducting investigations with respect to digital crimes in a rapidly changing environment of information technology and deficient legal frameworks.

Download Full-text

Blockchain as supply chain technology: considering transparency and security

International Journal of Physical Distribution & Logistics Management ◽

10.1108/ijpdlm-08-2019-0234 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Pei Xu ◽

Joonghee Lee ◽

James R. Barth ◽

Robert Glenn Richey

Keyword(s):

Supply Chain ◽

Text Mining ◽

Information Security ◽

Design Methodology ◽

Use Cases ◽

Future Research ◽

Content Type ◽

Blockchain Technology ◽

Twitter Data ◽

The Way

PurposeThis paper discusses how the features of blockchain technology impact supply chain transparency through the lens of the information security triad (confidentiality, integrity and availability). Ultimately, propositions are developed to encourage future research in supply chain applications of blockchain technology.Design/methodology/approachPropositions are developed based on a synthesis of the information security and supply chain transparency literature. Findings from text mining of Twitter data and a discussion of three major blockchain use cases support the development of the propositions.FindingsThe authors note that confidentiality limits supply chain transparency, which causes tension between transparency and security. Integrity and availability promote supply chain transparency. Blockchain features can preserve security and increase transparency at the same time, despite the tension between confidentiality and transparency.Research limitations/implicationsThe research was conducted at a time when most blockchain applications were still in pilot stages. The propositions developed should therefore be revisited as blockchain applications become more widely adopted and mature.Originality/valueThis study is among the first to examine the way blockchain technology eases the tension between supply chain transparency and security. Unlike other studies that have suggested only positive impacts of blockchain technology on transparency, this study demonstrates that blockchain features can influence transparency both positively and negatively.

Download Full-text

From campfire to coliseum: motivations for using social networks

Qualitative Market Research An International Journal ◽

10.1108/qmr-12-2019-0130 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Paula Castro Pires de Souza Chimenti ◽

Marco Aurelio de Souza Rodrigues ◽

Marcelo Guedes Carneiro ◽

Roberta Dias Campos

Keyword(s):

Social Networks ◽

Social Media ◽

Exploratory Study ◽

Design Methodology ◽

Qualitative Approach ◽

Content Type ◽

Media Usage ◽

Practical Implications ◽

Collective Narrative

Purpose Through a literature review, a gap has been identified regarding the role of competition as a driver of social network (SN) usage. This study aims to design to address this gap, seeking motivators for SN usage based on how SN consumption may be related to users’ experience of competition. Therefore, the purpose of this study is to investigate the influence of competition in social media usage. Design/methodology/approach The authors used an exploratory qualitative approach, conducting a set of focus groups with young social media users. Data was analyzed with software. Findings Two new drivers for SN use are proposed, namely, competition and collective narrative. Research limitations/implications This is an exploratory study, and it does not seek to generalize results or quantify causal relationships among variables. Practical implications This paper offers SN managers a deeper understanding of key growth drivers for these media. Social implications This research can help society understand and debate the impacts of SNs on users’ lives, providing insights into drivers of excessive usage. Originality/value This paper proposes the following two SN usage drivers yet to be described in the literature: competition and collective narrative.

Download Full-text

So you want to work in sports? An exploratory study of sport business employability

Sport Business and Management An International Journal ◽

10.1108/sbm-02-2021-0013 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

David J. Finch ◽

Norm O'Reilly ◽

David Legg ◽

Nadège Levallet ◽

Emma Fody

Keyword(s):

United States ◽

Emotional Intelligence ◽

Labor Market ◽

Exploratory Study ◽

Design Methodology ◽

Sport Management ◽

The United States ◽

Content Type ◽

The Past ◽

Analytical Thinking

PurposeAs an industry, sport business (SB) has seen significant growth since the early 2000s. Concurrently, the number of postsecondary sport management programs has also expanded dramatically. However, there remain concerns about whether these programs are meeting the demands of both employers and graduates. To address these concerns, this study examines the credential and competency demands of the SB labor market in the United States.Design/methodology/approachResearchers conducted an analysis using a broad sample of employment postings (N = 613) for SB positions from two different years, 2008 and 2018.FindingsResults support that a complex set of SB qualifications exist, and the credentials and competencies included in SB employment postings have evolved over the past decade.Originality/valueA noteworthy finding is that meta-skills are found to be particularly important for employability, including items such as communication, emotional intelligence and analytical thinking and adaptability.

Download Full-text