IDEAS home Printed from https://ideas.repec.org/p/hal/journl/hal-01637912.html
   My bibliography  Save this paper

Workarounds as Means to Identify Insider Threats to Information Systems Security

Author

Listed:
  • Pierre-Emmanuel Arduin

    (DRM - Dauphine Recherches en Management - Université Paris Dauphine-PSL - PSL - Université Paris Sciences et Lettres - CNRS - Centre National de la Recherche Scientifique)

  • Dragos Vieru

    (TELUQ - Université Téluq)

Abstract

Workarounds represent deliberate actions of employees in contrast with the prescribed practices and organizations generally perceive them as unwanted processes. Workarounds may lead to information systems (IS) security policy violations, notably when prescribed practices lead employees to face obstacles in accomplishing their daily tasks. Such behavior generates new insider threats to IS security. In this article, we adopt the view that workarounds may enable the identification of new security threats. We propose a conceptual model that illustrates how workarounds generating non-malicious security violations might constitute sources of knowledge about new security threats.

Suggested Citation

  • Pierre-Emmanuel Arduin & Dragos Vieru, 2017. "Workarounds as Means to Identify Insider Threats to Information Systems Security," Post-Print hal-01637912, HAL.
    • Handle: RePEc:hal:journl:hal-01637912
    Note: View the original document on HAL open archive server: https://hal.science/hal-01637912
    as

    Download full text from publisher

    File URL: https://hal.science/hal-01637912/document
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Marie-Claude Boudreau & Daniel Robey, 2005. "Enacting Integrated Information Technology: A Human Agency Perspective," Organization Science, INFORMS, vol. 16(1), pages 3-18, February.
    2. Paul A. Pavlou & Omar A. El Sawy, 2010. "The “Third Hand”: IT-Enabled Competitive Advantage in Turbulence Through Improvisational Capabilities," Information Systems Research, INFORMS, vol. 21(3), pages 443-471, September.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Emmanuelle Vaast & Geoff Walsham, 2009. "Trans-Situated Learning: Supporting a Network of Practice with an Information Infrastructure," Information Systems Research, INFORMS, vol. 20(4), pages 547-564, December.
    2. Weiling Ke & Lele Kang & Chuan-Hoo Tan & Chih-Hung Peng, 2021. "User Competence with Enterprise Systems: The Effects of Work Environment Factors," Information Systems Research, INFORMS, vol. 32(3), pages 860-875, September.
    3. Dragos Vieru & Pierre-Emmanuel Arduin, 2016. "Sharing Knowledge in a Shared Services Center Context: An Explanatory Case Study of the Dialectics of Formal and Informal Practices," Post-Print hal-01458031, HAL.
    4. Xu, Jinying & Lu, Weisheng, 2022. "Developing a human-organization-technology fit model for information technology adoption in organizations," Technology in Society, Elsevier, vol. 70(C).
    5. Adilson Carlos Yoshikuni & José Eduardo R. Favaretto & Alberto Luiz Albertin & Fernando de Souza Meirelles, 2018. "The Influences of Strategic Information Systems on the Relationship between Innovation and Organizational Performance," Brazilian Business Review, Fucape Business School, vol. 15(5), pages 444-459, September.
    6. Rezvani, Azadeh & Dong, Linying & Khosravi, Pouria, 2017. "Promoting the continuing usage of strategic information systems: The role of supervisory leadership in the successful implementation of enterprise systems," International Journal of Information Management, Elsevier, vol. 37(5), pages 417-430.
    7. Yu Tong & Sharon Swee-Lin Tan & Hock-Hai Teo, 2015. "The Road to Early Success: Impact of System Use in the Swift Response Phase," Information Systems Research, INFORMS, vol. 26(2), pages 418-436, June.
    8. M. Lynne Markus & Frantz Rowe, 2018. "Is IT changing the world?," Post-Print hal-03716243, HAL.
    9. Sharath Sasidharan & Radhika Santhanam & Daniel J. Brass & Vallabh Sambamurthy, 2012. "The Effects of Social Network Structure on Enterprise Systems Success: A Longitudinal Multilevel Analysis," Information Systems Research, INFORMS, vol. 23(3-part-1), pages 658-678, September.
    10. Sumantra Sarkar & Anthony Vance & Balasubramaniam Ramesh & Menelaos Demestihas & Daniel Thomas Wu, 2020. "The Influence of Professional Subculture on Information Security Policy Violations: A Field Study in a Healthcare Context," Information Systems Research, INFORMS, vol. 31(4), pages 1240-1259, December.
    11. Pingsheng Tong & U. N. Umesh & Jean L. Johnson & Ruby P. Lee, 2016. "Collaborative Relationships — The Role of Information Technology," International Journal of Innovation and Technology Management (IJITM), World Scientific Publishing Co. Pte. Ltd., vol. 13(03), pages 1-30, June.
    12. Jeewon Cho & Insu Park, 2022. "Does Information Systems Support for Creativity Enhance Effective Information Systems Use and Job Satisfaction in Virtual Work?," Information Systems Frontiers, Springer, vol. 24(6), pages 1865-1886, December.
    13. Giorgi Shuradze & Yevgen Bogodistov & Heinz-Theo Wagner, 2018. "The Role Of Marketing-Enabled Data Analytics Capability And Organisational Agility For Innovation: Empirical Evidence From German Firms," International Journal of Innovation Management (ijim), World Scientific Publishing Co. Pte. Ltd., vol. 22(04), pages 1-32, May.
    14. Chi, Maomao & Wang, Weijun & Lu, Xinyuan & George, Joey F., 2018. "Antecedents and outcomes of collaborative innovation capabilities on the platform collaboration environment," International Journal of Information Management, Elsevier, vol. 43(C), pages 273-283.
    15. Raymond F. Zammuto & Terri L. Griffith & Ann Majchrzak & Deborah J. Dougherty & Samer Faraj, 2007. "Information Technology and the Changing Fabric of Organization," Organization Science, INFORMS, vol. 18(5), pages 749-762, October.
    16. W. David Holford, 2022. "An Ethical Inquiry of the Effect of Cockpit Automation on the Responsibilities of Airline Pilots: Dissonance or Meaningful Control?," Journal of Business Ethics, Springer, vol. 176(1), pages 141-157, February.
    17. Paula Jarzabkowski & Sarah Kaplan, 2015. "Strategy tools-in-use: A framework for understanding “technologies of rationality” in practice," Strategic Management Journal, Wiley Blackwell, vol. 36(4), pages 537-558, April.
    18. Nicholas Berente & Kalle Lyytinen & Youngjin Yoo & John Leslie King, 2016. "Routines as Shock Absorbers During Organizational Transformation: Integration, Control, and NASA’s Enterprise Information System," Organization Science, INFORMS, vol. 27(3), pages 551-572, June.
    19. repec:dau:papers:123456789/7962 is not listed on IDEAS
    20. François-Xavier de Vaujany, 2008. "Capturing Reflexivity Modes In Is: A Critical Realist Approach," Post-Print hal-00644416, HAL.
    21. Beunza, Daniel & Millo, Yuval, 2015. "Blended automation: integrating algorithms on the floor of the New York Stock Exchange," LSE Research Online Documents on Economics 118995, London School of Economics and Political Science, LSE Library.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:hal:journl:hal-01637912. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: CCSD (email available below). General contact details of provider: https://hal.archives-ouvertes.fr/ .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.