scholarly journals System End-User Actions as a Threat to Information System Security

2021 ◽  
Vol 13 (6) ◽  
pp. 71-83
Author(s):  
Paulus Kautwima ◽  
Titus Haiduwa ◽  
Kundai Sai ◽  
Valerianus Hashiyana ◽  
Nalina Suresh
Keyword(s):  
Information System ◽  
Information Systems ◽  
Higher Learning ◽  
Research Approach ◽  
Security Threat ◽  
End User ◽  
Structured Interviews ◽  
Replay Attack ◽  
Qualitative Research Design ◽  
Session Hijacking

As universities migrate online due to the advent of Covid-19, there is a need for enhanced security in information systems in the institution of higher learning. Many opted to invest in technological approaches to mitigate cybersecurity threats; however, the most common types of cybersecurity breaches happen due to the human factor, well known as end-user error or actions. Thus, this study aimed to identify and explore possible end-user errors in academia and the resulting vulnerabilities and threats that could affect the integrity of the university's information system. The study further presented state-of-the-art humanoriented security threats countermeasures to compliment universities' cybersecurity plans. Countermeasures include well-tailored ICT policies, incident response procedures, and education to protect themselves from security events (disruption, distortion, and exploitation). Adopted is a mixedmethod research approach with a qualitative research design to guide the study. An open-ended questionnaire and semi-structured interviews were used as data collection tools. Findings showed that system end-user errors remain the biggest security threat to information systems security in institutions of higher learning. Indeed errors make information systems vulnerable to certain cybersecurity attacks and, when exploited, put legitimate users, institutional network, and its computers at risk of contracting viruses, worms, Trojan, and expose it to spam, phishing, e-mail fraud, and other modern security attacks such as DDoS, session hijacking, replay attack and many more. Understanding that technology has failed to fully protect systems, specific recommendations are provided for the institution of higher education to consider improving employee actions and minimizing security incidents in their eLearning platforms, post Covid-19.

scholarly journals System End-User Actions as aThreat to Information System Security

2021 ◽  
Author(s):  
Paulus Kautwima ◽  
Titus Haiduwa ◽  
Kundai Sai ◽  
Valerianus Hashiyana ◽  
Nalina Suresh
Keyword(s):  
Information System ◽  
Information Systems ◽  
System Security ◽  
Security Requirements ◽  
Research Approach ◽  
Mixed Method Research ◽  
Digital Information ◽  
End User ◽  
Information System Security ◽  
User Actions

Information system security is of paramount importance to every institution that deals with digital information. Nowadays, efforts to address cybersecurity issues are mostly software or hardware-oriented. However, the most common types of cybersecurity breaches happen as a result of unintentional human errors also known as end user actions. Thus, this study aimed to identify the end-user errors and the resulting vulnerabilities that could affect the system security requirements, the CIA triad of information assets. The study further presents state-of-the-art countermeasures and intellectual ideas on how entities can protect themselves from advent events. Adopted is a mixed-method research approach to inform the study. A closed-ended questionnaire and semi-structured interviews were used as data collection tools. The findings of this study revealed that system end user errors remain the biggest threat to information systems security. Indeed errors make information systems vulnerable to certain cybersecurity attacks and when exploited puts legitimate users at risk.

SISTEM INFORMASI EVENT ORGANIZER PADA WAHANA ENTERTAIMENT BERBASIS JAVA

2021 ◽  
Vol 5 (1) ◽  
pp. 117
Author(s):  
Muhammad Fachrul Rizky ◽  
Maria Cleopatra ◽  
Diyan Parwatiningtyas
Keyword(s):  
Qualitative Research ◽  
Information Technology ◽  
Information System ◽  
Information Systems ◽  
Research Method ◽  
Electronic Devices ◽  
Research Approach ◽  
Management Process ◽  
Customer Data ◽  
Processing Data

Teknologi informasi dapat membuat apa saja menjadi lebih mudah dan efisien. Sebagai contohnya adalah pada perusahaan-perusahaan yang ada saat ini menggunakan sistem informasi pada alat elektroniknya untuk mengefektifkan produk dan hasil karyanya. Pada kajian ini, sistem informasi event organizer pada wahana entertaiment bertugas mengolah data seperti penginputan data pelanggan, data petugas, data peralatan, data paket, data pesanan, pencarian data dan laporan-laporan yang dibutuhkan. Tujuan penelitian ini adalah untuk merancang sebuah sistem informasi event organizer pada Wahana Entertainment. Metode penelitian yang digunakan adalah penelitian kualitatif dan pendekatan grounded research. Hasil dari penelitian ini berupa sistem informasi yang dapat membantu Wahana Entertainment dalam menerapkan sistem yang yang lebih baik, dapat mempermudah pekerjaan, meningkatkan kelancaran proses pengelolaan event organizer. Information technology can make anything easier and more efficient. For example, companies that exist today use information systems on their electronic devices to streamline their products and work. In this study, the event organizer information system in the entertainment vehicle is tasked with processing data such as inputting customer data, staff data, equipment data, package data, order data, data search and required reports. The purpose of this study was to design an event organizer information system at Wahana Entertainment. The research method used is qualitative research and grounded research approach. The results of this study are in the form of an information system that can help Wahana Entertainment implement a better system, make work easier, and improve the smoothness of the event organizer management process.

Successful Health Information System Implementation

2011 ◽  
pp. 1103-1111
Author(s):  
Kristiina Häyrinen
Keyword(s):  
Information System ◽  
Project Management ◽  
Information Systems ◽  
Health Information ◽  
Success Factors ◽  
Health Information System ◽  
Implementation Process ◽  
Initial System ◽  
System Implementation ◽  
End User

A Standish Group (1994) study showed that only 16% of all information technology projects come in on time and within budget. The situation is not better concerning health information systems. Many health information system implementations are less than completely successful (Berg, 2001; Giuse & Kuhn, 2003; Lorenzi & Riley, 2003). In this article, the health information system means “a system, whether automated or manual, that comprises people, machines and /or methods organized to collect, process, transmit, and disseminate” data that represent user information in healthcare (Kuhn & Giuse, 2001, pp. 275). What is successful implementation and whose success is measured? Successes can be measured in many ways. Delone and McLean have been finding out the success factors of management information system which are also applicable to health information system. The success factors are: system qualities, e.g., the ease of use or time savings, information quality, e.g., completeness or data accuracy, usage, e.g., the frequency of use or the number of entries, user satisfaction, e.g., user-friendliness or overall satisfaction, individual impact, e.g., changed work practices or direct benefits and organizational impact, e.g., communication and collaboration or impact on patient care. Furthermore, user involvement during system development, implementation and organizational culture have been identified as possible factors measuring the success. However, the need for further research to determine which attributes are the most useful ones in measuring success has also been revealed. (van der Meijden, Tange, Troost & Hashman, 2003). The different phases in implementation process are, in general, user needs and requirements analysis (specification), system design, initial system implementation and testing (Ahmad, Teater, Bentley, Kuehn, Kumar, Thomas & Me-khjian, 2002; Schuster, Hall, Couse, Swayngim & Kohatsu, 2003; Souther, 2001). The system requirements analysis includes workflow analysis, and the initial system implementation includes the technical installation of the information system, integration of the information system to other information systems and users’ training. Project management is an important factor in every phase of the implementation project. The purpose of this article is to highlight the health information system implementation process from end-user perspective. Which factors are crucial in the implementation process from the point of view of the end-users? How does project management contribute to the implementation process, what is the role of the end-user in system designing and how does training effect the information system implementation?

Sociotechnical factors influencing unsafe use of hospital information systems: A qualitative study in Malaysian government hospitals

2018 ◽  
Vol 25 (4) ◽  
pp. 1358-1372 ◽  
Author(s):  
Lizawati Salahuddin ◽  
Zuraini Ismail ◽  
Ummi Rabaah Hashim ◽  
Raja Rina Raja Ikram ◽  
Nor Haslinda Ismail ◽  
...  
Keyword(s):  
Information System ◽  
Information Systems ◽  
Hospital Information System ◽  
Hospital Information Systems ◽  
System Quality ◽  
Structured Interviews ◽  
Factors Influencing ◽  
Resultant Data ◽  
Government Hospitals ◽  
Malaysian Government

The objective of this study is to identify factors influencing unsafe use of hospital information systems in Malaysian government hospitals. Semi-structured interviews with 31 medical doctors in three Malaysian government hospitals implementing total hospital information systems were conducted between March and May 2015. A thematic qualitative analysis was performed on the resultant data to deduce the relevant themes. A total of five themes emerged as the factors influencing unsafe use of a hospital information system: (1) knowledge, (2) system quality, (3) task stressor, (4) organization resources, and (5) teamwork. These qualitative findings highlight that factors influencing unsafe use of a hospital information system originate from multidimensional sociotechnical aspects. Unsafe use of a hospital information system could possibly lead to the incidence of errors and thus raises safety risks to the patients. Hence, multiple interventions (e.g. technology systems and teamwork) are required in shaping high-quality hospital information system use.

scholarly journals User Satisfaction Analysis of Primary Care Information Systems in Semarang City with EUCS Model

2018 ◽  
Vol 7 (2) ◽  
pp. 120-125
Author(s):  
Asih Prasetyowati ◽  
Roro Kushartanti
Keyword(s):  
Primary Care ◽  
Information System ◽  
Information Systems ◽  
User Satisfaction ◽  
Ease Of Use ◽  
End User ◽  
Cross Sectional ◽  
Satisfaction Index ◽  
Care Information ◽  
End User Computing

Abstract   Primary Care Information System (P-Care) is used at the first level health facility (FKTP) for the service of patients of the National Health Insurance. The purpose of this study was to determine the success of using the P-Care information system by evaluating the system using the End User Computing Satisfaction (EUCS) Model. This is a cross-sectional survey research with Primary Care information system objects. The variables studied were the user satisfaction factors of the p-care information system including content aspects, accuracy, format, ease of use, and timeliness. The research subjects were primary care information system operators with 61 FKTPs as samples. Data were analyzed using descriptive analytical methods. P-care application user satisfaction index was 75.5 (satisfied category). This shows that respondents generally have received the primary care information system. The lowest index on A1 (system accuracy), C1 (accuracy of information), and T1&2 (timeliness of information). The lowest average user satisfaction index is on aspects of system accuracy and timeliness. To improve the index of primary care information system user satisfaction, the BPJS needs to improve system monitoring, increase feedback and increase report output. FKTP can develop a bridging P-Care system and structuring the medical record system to be more effective and efficient.   Keywords : information systems, user satisfaction, primary care, EUCS Model     Abstrak   Sistem Informasi Primary Care (P-Care) digunakan pada fasilitas kesehatan tingkat pertama (FKTP) untuk pelayanan pasien Jaminan Kesehatan Nasional (JKN).  Kepuasan pengguna aplikasi P-Care merupakan faktor penting dalam kinerja sistem informasi. Tujuan penelitian ini adalah mengetahui keberhasilan penggunaan sistem informasi p-care dengan melakukan evaluasi sistem menggunakan End User Computing Satisfaction (EUCS) Model. Jenis penelitian adalah penelitian survey bersifat cross sectional dengan obyek sistem informasi Primary Care. Variabel yang diteliti adalah faktor kepuasan pengguna sistem informasi p-care meliputi aspek content, accuracy, format, ease of use, dan timeliness. Subyek penelitian adalah operator sistem informasi primay care dengan 61 sampel FKTP. Data dianalisis dengan cara diskriptif analitik. Indeks kepuasan pengguna aplikasi P-care adalah 75,5 (kategori puas). Hal ini menunjukkan bahwa responden secara umum sudah menerima sistem informasi primay care.  Indeks terendah pada A1 (akurasi sistem), C1 (ketepatan informasi), dan T1&2 (ketepatan waktu informasi). Rata-rata indeks kepuasan pengguna paling rendah pada aspek akurasi sistem dan ketepatan waktu. Untuk meningkatkan indeks kepuasan pengguna sistem informasi primary care, maka pihak BPJS perlu meningkatkan monitoring sistem, meningkatkan feedback dan penambahan output laporan. FKTP dapat mengembangkan sistem bridging p-care dan penataan sistem rekam medis untuk pelayanan pasien yang lebih efektif dan efisien.   Kata kunci : sistem informasi, kepuasan pengguna, primary care, EUCS Model

scholarly journals Education and Information Systems Routes and Activity Patterns agro-tourism Surat Thani

2019 ◽  
Vol 8 (2S2) ◽  
pp. 104-107
Keyword(s):  
Information System ◽  
Information Systems ◽  
Activity Patterns ◽  
Descriptive Analysis ◽  
Coconut Oil ◽  
Animal Husbandry ◽  
Learning Center ◽  
Structured Interviews ◽  
Coconut Shells ◽  
Agricultural Tourism

The purpose of research on the education and development of information systems, the route and form of agricultural tourism activities in Surat Thani are to study the patterns and activities of agro-tourism in Surat Thani, to study and gather information on agricultural tourism routes in Surat Thani, and to develop the information system in form and route of agricultural tourism in Surat Thani. From the interview using structured interviews, questionnaires, and shared observations, the samples used in this research were the main informants consisting of farmers engaged in agro-tourism activities, tourist attractions and other farmers who were involved in agro-tourism activities in each district. The results of the descriptive analysis were presented. From the basic information of agro-tourism in Surat Thani Province, there are currently 13 tourist sites including three eco-tourism destinations, three learning centers, two homestays and residences, four demonstration centers and one orchard: more followings are BangBaiMai Eco-tourism group, KhunTalay Eco-tourism group, Bang Po, ChangKob Shipyard Learning Center, Sufficiency Economy Learning Center, "Park Lung Song pure cold extraction coconut oil Learning Center". Baan Klong Noi Homestay, Monkey Farms Demonstration Training Center, a demonstration center for coconut and coconut shells, making a fishing rod for catching shrimp demo center, Coconut Sugar demonstration center, Artit Garden and Wangko Resort. Tourism forms and activities consist of 12 types, namely, cropping, animal husbandry, agricultural production, beautiful landscape, agricultural life park where tourists can walk in the garden themselves. Bang Bai Mai Floating market, rafting ropeway, rafting in the canal, demonstration of monkey training for agriculture and recreation travel directions. There are 3 main routes: Rural Highway No. 2007, Rural Road No. 4229 and Highway No. 420. Information System Route and Formation of Agricultural Tourism Activities in Surat Thani Province based on the survey area; researchers use the Google API to create a map route by identifying the coordinates of the tourist.

scholarly journals Comparison Study Of Performance Analysis Of Information System Using The Methods Of End-User Computing Satisfaction And It Balance Score Card

JAICT ◽  
2018 ◽  
Vol 3 (2) ◽  
Author(s):  
Roy Sari Milda Siregar
Keyword(s):  
Information System ◽  
Information Systems ◽  
User Satisfaction ◽  
New Technology ◽  
Future Orientation ◽  
Primary User ◽  
End Users ◽  
Ease Of Use ◽  
Secondary User ◽  
End User

Evaluation of information system performance is needed to get an overview of the ease of end-users in utilizing a new technology. This study aims to evaluate the performance of information systems in a state-owned company (PT PLN Madya Langsa) based on an end-user perspective that is separated into two categories: employees and managers. The level of employee satisfaction (primary user) is measured using EUCS (aspect of: content, accuracy, format, ease of use, timeliness, and satisfaction). The manager's satisfaction level (secondary user) is measured by using IT BSC (aspect of: company contribution, user, operational excellence, and future orientation). The evaluation on the primary user showed that it was low at 25.6%, moderate at 56.64% and high at 18%. The percentage of user satisfaction with the information systems is 72.9% of the results expected by users. Meanwhile, evaluation on the secondary user obtained the following results: low at 10.5%, moderate 84.2% and high at 5.3%. The percentage of user satisfaction with the information system was 92.8% of the results that is expected by users. This study also discusses why there are differences in the percentage of primary user satisfaction compare to the secondary user and provides suggestions how to improve the level of satisfaction of the end users in the future.

scholarly journals End-User Awareness of and Adherence to Crisis Preparedness of the Information Systems in New Zealand Organisations

2021 ◽  
Author(s):  
◽  
Dennis Buberwa Ishumi
Keyword(s):  
Information Systems ◽  
New Zealand ◽  
Relevant Literature ◽  
Well Being ◽  
Survey Instrument ◽  
Research Approach ◽  
Crisis Preparedness ◽  
End User ◽  
Theoretical Concepts ◽  
User Awareness

<p>A crisis is a specific, unanticipated, and non-routine event that generates high levels of uncertainty and jeopardizes high value priorities such as life, economic well-being, or physical infrastructures. Some scholars observe that our computing environment has dramatically changed and is now defined by greater use and dependence on technology, while simultaneously it is hampered by technological failures and security vulnerability, which have perhaps led to an increase in the incidence of organisational crises. Because of the high occurrence of crises and the increased dependence on information systems (IS) in organisations, one would assume that most firms would have established measures to counteract these events, however the literature indicated otherwise. The purpose of this research was to explore and understand the factors that contribute to crisis preparedness of the information systems.  A comprehensive review of the literature indicated that the IS field has a large volume of publications on information systems disaster recovery, business continuity, information systems risk management and information systems security but little on crisis preparedness of the information systems. This study comprehensively reviewed relevant literature on the nature of crises, crisis preparedness and information systems. The literature review established groundwork necessary for the development of the research hypotheses which were tested during this investigation.  A quantitative positivist research approach was proposed. The study utilized a web-based survey to collect quantifiable information on the subject matter from study participants. The survey instrument was developed based on seven research dimensions. From these dimensions descriptive questions were created which formed part of the survey instrument. The collected data was analysed using three different approaches: descriptive statistics, correlation and percentage responses. From the data, facts about crisis preparedness of the information systems in New Zealand organisations were revealed.   In total 90 responses were received, 72 of which were eligible for data analyses. The study findings indicate some degree of end-user awareness of and adherence to crisis preparedness of the information systems in New Zealand organisations. However, more emphasis is needed in the understanding of the processes that bring about successful CPIS strategies across varying organisation structures.  The academic value of this research is the review of discourse in the fields of crisis preparedness and Information Systems, and the application of some of the theoretical concepts from those fields. These were necessary to test the research hypotheses and their findings can be used to explain the crisis-preparedness phenomenon in future studies. The practical value of this research is the development of a tool that can be used by managers and senior executives to undertake informed decisions with regard to the status or progress of the crisis preparedness of the information systems initiatives in their respective organisations from the end-user perspective.</p>

scholarly journals End-User Awareness of and Adherence to Crisis Preparedness of the Information Systems in New Zealand Organisations

2021 ◽  
Author(s):  
◽  
Dennis Buberwa Ishumi
Keyword(s):  
Information Systems ◽  
New Zealand ◽  
Relevant Literature ◽  
Well Being ◽  
Survey Instrument ◽  
Research Approach ◽  
Crisis Preparedness ◽  
End User ◽  
Theoretical Concepts ◽  
User Awareness

<p>A crisis is a specific, unanticipated, and non-routine event that generates high levels of uncertainty and jeopardizes high value priorities such as life, economic well-being, or physical infrastructures. Some scholars observe that our computing environment has dramatically changed and is now defined by greater use and dependence on technology, while simultaneously it is hampered by technological failures and security vulnerability, which have perhaps led to an increase in the incidence of organisational crises. Because of the high occurrence of crises and the increased dependence on information systems (IS) in organisations, one would assume that most firms would have established measures to counteract these events, however the literature indicated otherwise. The purpose of this research was to explore and understand the factors that contribute to crisis preparedness of the information systems.  A comprehensive review of the literature indicated that the IS field has a large volume of publications on information systems disaster recovery, business continuity, information systems risk management and information systems security but little on crisis preparedness of the information systems. This study comprehensively reviewed relevant literature on the nature of crises, crisis preparedness and information systems. The literature review established groundwork necessary for the development of the research hypotheses which were tested during this investigation.  A quantitative positivist research approach was proposed. The study utilized a web-based survey to collect quantifiable information on the subject matter from study participants. The survey instrument was developed based on seven research dimensions. From these dimensions descriptive questions were created which formed part of the survey instrument. The collected data was analysed using three different approaches: descriptive statistics, correlation and percentage responses. From the data, facts about crisis preparedness of the information systems in New Zealand organisations were revealed.   In total 90 responses were received, 72 of which were eligible for data analyses. The study findings indicate some degree of end-user awareness of and adherence to crisis preparedness of the information systems in New Zealand organisations. However, more emphasis is needed in the understanding of the processes that bring about successful CPIS strategies across varying organisation structures.  The academic value of this research is the review of discourse in the fields of crisis preparedness and Information Systems, and the application of some of the theoretical concepts from those fields. These were necessary to test the research hypotheses and their findings can be used to explain the crisis-preparedness phenomenon in future studies. The practical value of this research is the development of a tool that can be used by managers and senior executives to undertake informed decisions with regard to the status or progress of the crisis preparedness of the information systems initiatives in their respective organisations from the end-user perspective.</p>

scholarly journals Islamic Banking Products, Services and Objectives: Perspectives of Shariah Supervisors and Regulators

2021 ◽  
Vol 10 (1) ◽  
pp. 247-258
Author(s):  
MUHAMMAD AQIB ALI ◽  
TALAT HUSSAIN
Keyword(s):  
Qualitative Research ◽  
Banking Sector ◽  
The State ◽  
Islamic Banking ◽  
Research Approach ◽  
Islamic Banks ◽  
Structured Interviews ◽  
Staff Members ◽  
Qualitative Research Design ◽  
Supervisory Boards

The study is aimed at assessing the opinions of vital Islamic banking stakeholders including members of various Islamic banking Shariah Supervisory Boards (SSBs) and pertinent personnel from Pakistan’s central bank – The State Bank of Pakistan (SBP). The research analyzes the percepts of respondents regarding various aspects relevant to Islamic banking (IB) products, service and objectives. The paper employs qualitative research approach in analyzing the Shariah and regulatory experts’ viewpoints regarding Islamic banking. The study is conducted using semi-structured interviews of twelve Shariah supervisors and nine SBP staff members serving in the Islamic banking department and Islamic banking focus groups in the regional/field offices of the State Bank of Pakistan. The study is of pioneering nature involving qualitative research design and inclusion of two of the most significant stakeholder groups from the Islamic banking sector of Pakistan who have not been included in the past studies regarding Islamic banking perceptions. The research findings highlighted that Shariah objectives are top priority of Islamic banks as per the views expressed by members of Shariah boards of various banks while in opinion of Islamic banking regulators, Islamic banks’ major concern is to achieve their business objectives. Keywords: Islamic Banking, Islamic Finance, Pakistan, Products, Perceptions, Shariah Compliance.

Sign in / Sign up

Export Citation Format

Share Document