IDEAS home Printed from https://ideas.repec.org/p/hal/journl/hal-01637912.html
   My bibliography  Save this paper

Workarounds as Means to Identify Insider Threats to Information Systems Security

Author

Listed:
  • Pierre-Emmanuel Arduin

    (DRM - Dauphine Recherches en Management - Université Paris Dauphine-PSL - PSL - Université Paris Sciences et Lettres - CNRS - Centre National de la Recherche Scientifique)

  • Dragos Vieru

    (TELUQ - Université Téluq)

Abstract

Workarounds represent deliberate actions of employees in contrast with the prescribed practices and organizations generally perceive them as unwanted processes. Workarounds may lead to information systems (IS) security policy violations, notably when prescribed practices lead employees to face obstacles in accomplishing their daily tasks. Such behavior generates new insider threats to IS security. In this article, we adopt the view that workarounds may enable the identification of new security threats. We propose a conceptual model that illustrates how workarounds generating non-malicious security violations might constitute sources of knowledge about new security threats.

Suggested Citation

  • Pierre-Emmanuel Arduin & Dragos Vieru, 2017. "Workarounds as Means to Identify Insider Threats to Information Systems Security," Post-Print hal-01637912, HAL.
    • Handle: RePEc:hal:journl:hal-01637912
    Note: View the original document on HAL open archive server: https://hal.science/hal-01637912v1
    as

    Download full text from publisher

    File URL: https://hal.science/hal-01637912v1/document
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Marie-Claude Boudreau & Daniel Robey, 2005. "Enacting Integrated Information Technology: A Human Agency Perspective," Organization Science, INFORMS, vol. 16(1), pages 3-18, February.
    2. Paul A. Pavlou & Omar A. El Sawy, 2010. "The “Third Hand”: IT-Enabled Competitive Advantage in Turbulence Through Improvisational Capabilities," Information Systems Research, INFORMS, vol. 21(3), pages 443-471, September.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Emmanuelle Vaast & Geoff Walsham, 2009. "Trans-Situated Learning: Supporting a Network of Practice with an Information Infrastructure," Information Systems Research, INFORMS, vol. 20(4), pages 547-564, December.
    2. Dragos Vieru & Pierre-Emmanuel Arduin, 2016. "Sharing Knowledge in a Shared Services Center Context: An Explanatory Case Study of the Dialectics of Formal and Informal Practices," Post-Print hal-01458031, HAL.
    3. Adilson Carlos Yoshikuni & José Eduardo R. Favaretto & Alberto Luiz Albertin & Fernando de Souza Meirelles, 2018. "The Influences of Strategic Information Systems on the Relationship between Innovation and Organizational Performance," Brazilian Business Review, Fucape Business School, vol. 15(5), pages 444-459, September.
    4. Kao, Ling-Jing & Chiu, Chih-Chou & Lin, Hung-Tse & Hung, Yun-Wei & Lu, Cheng-Chin, 2024. "Unveiling the dimensions of digital transformation: A comprehensive taxonomy and assessment model for business," Journal of Business Research, Elsevier, vol. 176(C).
    5. Sharath Sasidharan & Radhika Santhanam & Daniel J. Brass & Vallabh Sambamurthy, 2012. "The Effects of Social Network Structure on Enterprise Systems Success: A Longitudinal Multilevel Analysis," Information Systems Research, INFORMS, vol. 23(3-part-1), pages 658-678, September.
    6. Sumantra Sarkar & Anthony Vance & Balasubramaniam Ramesh & Menelaos Demestihas & Daniel Thomas Wu, 2020. "The Influence of Professional Subculture on Information Security Policy Violations: A Field Study in a Healthcare Context," Information Systems Research, INFORMS, vol. 31(4), pages 1240-1259, December.
    7. Chi, Maomao & Wang, Weijun & Lu, Xinyuan & George, Joey F., 2018. "Antecedents and outcomes of collaborative innovation capabilities on the platform collaboration environment," International Journal of Information Management, Elsevier, vol. 43(C), pages 273-283.
    8. Paula Jarzabkowski & Sarah Kaplan, 2015. "Strategy tools-in-use: A framework for understanding “technologies of rationality” in practice," Strategic Management Journal, Wiley Blackwell, vol. 36(4), pages 537-558, April.
    9. Nicholas Berente & Kalle Lyytinen & Youngjin Yoo & John Leslie King, 2016. "Routines as Shock Absorbers During Organizational Transformation: Integration, Control, and NASA’s Enterprise Information System," Organization Science, INFORMS, vol. 27(3), pages 551-572, June.
    10. repec:dau:papers:123456789/7962 is not listed on IDEAS
    11. François-Xavier de Vaujany, 2008. "Capturing Reflexivity Modes In Is: A Critical Realist Approach," Post-Print hal-00644416, HAL.
    12. Namal Mete Kaan & Tufan Cenk & Köksal Kemal & Mert İbrahim Sani, 2023. "The Effect of Market and Technological Turbulence on Innovation Performance in Nascent Enterprises: The Moderating Role of Entrepreneur’s Courage," Economics - The Open-Access, Open-Assessment Journal, De Gruyter, vol. 17(1), pages 1-19.
    13. Beunza, Daniel & Millo, Yuval, 2015. "Blended automation: integrating algorithms on the floor of the New York Stock Exchange," LSE Research Online Documents on Economics 118995, London School of Economics and Political Science, LSE Library.
    14. Verena Wolf & Christian Bartelheimer & Daniel Beverungen, 2020. "Workarounds as Generative Mechanisms for Restructuring and Redesigning Organizations - Insights from a Multiple Case Study," Working Papers Dissertations 68, Paderborn University, Faculty of Business Administration and Economics.
    15. Stav Fainshmidt & Amir Pezeshkan & M. Lance Frazier & Anil Nair & Edward Markowski, 2016. "Dynamic Capabilities and Organizational Performance: A Meta-Analytic Evaluation and Extension," Journal of Management Studies, Wiley Blackwell, vol. 53(8), pages 1348-1380, December.
    16. Godé, Cécile & Brion, Sébastien, 2024. "The affordance-actualization process of predictive analytics: Towards a configurational framework of a predictive policing system," Technological Forecasting and Social Change, Elsevier, vol. 204(C).
    17. Iveroth, Einar, 2012. "Leading global IT-enabled change across cultures," European Management Journal, Elsevier, vol. 30(4), pages 340-351.
    18. Jeanne Wilson & C. Brad Crisp & Mark Mortensen, 2013. "Extending Construal-Level Theory to Distributed Groups: Understanding the Effects of Virtuality," Organization Science, INFORMS, vol. 24(2), pages 629-644, April.
    19. Susan Scott & Wanda Orlikowski, 2022. "The Digital Undertow: How the Corollary Effects of Digital Transformation Affect Industry Standards," Information Systems Research, INFORMS, vol. 33(1), pages 311-336, March.
    20. Margunn Aanestad & Bob Jolliffe & Arunima Mukherjee & Sundeep Sahay, 2014. "Infrastructuring Work: Building a State-Wide Hospital Information Infrastructure in India," Information Systems Research, INFORMS, vol. 25(4), pages 834-845, December.
    21. Lionel P. Robert Jr. & Tracy Ann Sykes, 2017. "Extending the Concept of Control Beliefs: Integrating the Role of Advice Networks," Information Systems Research, INFORMS, vol. 28(1), pages 84-96, March.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:hal:journl:hal-01637912. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: CCSD (email available below). General contact details of provider: https://hal.archives-ouvertes.fr/ .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.