Consumerisation of IT: mitigating risky user actions and improving productivity with nudging

Iryna Yevseyeva*, Charles Morisset, James Turland, Lynne Coventry, Thomas Groß, Christopher Laing, Aad van Moorsel

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

Abstract

In this work we address the main issues of IT consumerisation that are related to security risks, and propose a ‘soft’ mitigation strategy for user actions based on nudging, widely applied to health and social behaviour influence. In particular, we propose a complementary, less strict, more flexible Information Security policies, based on risk assessment of device vulnerabilities and threats to corporate data and devices, combined with a strategy of influencing security behaviour by nudging. We argue that nudging, by taking into account the context of the decision-making environment, and the fact that the employee may be in better position to make a more appropriate decision, may be more suitable than strict policies in situations of uncertainty of security-related decisions.
Original languageEnglish
Pages (from-to)508-517
Number of pages10
JournalProcedia Technology
Volume16
Early online date11 Nov 2014
DOIs
Publication statusPublished - 2014
Externally publishedYes
EventConference on ENTERprise Information Systems - Troia Aqualuz, Troia, Portugal
Duration: 15 Oct 201417 Oct 2014
Conference number: 6th
https://web.archive.org/web/20140418060216/http://centeris.scika.org/?page=home

Keywords

  • Consumerisation
  • Security
  • Risks
  • Mitigation strategies
  • Nudging

Fingerprint

Dive into the research topics of 'Consumerisation of IT: mitigating risky user actions and improving productivity with nudging'. Together they form a unique fingerprint.

Cite this