Information technology security policies are designed explicitly to protect IT systems. However, overly restrictive information security policies may be inadvertently creating an unforeseen information risk by encouraging users to bypass protected systems in favor of personal devices, where the potential loss of organizational intellectual property is greater.
Current models regarding the acceptance and use of technology, Technology Acceptance Model Version 3 (TAM3) and the Unified Theory of Acceptance and Use of Technology Version 2 (UTAUT2), address the use of technology in organizations and by consumers, but little research has been done to identify an appropriate model to begin to understand what factors would influence users that can choose between using their own personal device and using organizational IT assets, separate and distinct from “bring your own device” constructs. There are few organizations with radical demarcations between organizational assets and personal devices. One such organization, the United States Intelligence Community (USIC), provides a controlled environment where personal devices are expressly forbidden in workspaces and therefore provides a uniquely situated organizational milieu in that the use of personal devices would have to occur outside of the organizational environment. This research aims to bridge the divide between these choices by identifying the factors that influence users to select their own devices to overcome organizational restrictions in order to conduct open-source research.
The research model was amalgamated from the two primary theoretical frameworks, TAM3 and UTAUT2, and is the first to integrate these theories as they relate to the intention to use personal or organizational systems to address the choices employees make when choosing between personal and organizational assets to accomplish work related tasks. Using survey data collected from a sample of 240 employees of the USIC, Partial Least Squares Structural Equation Modeling (PLS-SEM) statistical techniques were used to evaluate and test the model, estimate the path relationships, and provide reliability and validity checks.
The results indicated that the Perception of Risk in the Enterprise (PoRE) significantly increased the Intention to Use Private Internet and decreased the Intention to Use Enterprise devices, as well as increasing the Perceived Ease of Use of Private Internet (PEUPI). The results of this study provide support to the concept that organizations must do more to balance threats to information systems with threats to information security. The imposition of safeguards to protect networks and systems, as well as employee misuse of information technology resources, may unwittingly incentivize users to use their own Internet and devices instead, where enterprise safeguards and protections are absent. This incentive is particularly pronounced when organizations increase the perceived threat of risk to users, whether intentional or inadvertent, and when the perception of the ease of use and usefulness of private Internet devices is high.
|Commitee:||Smith, James N., Snyder, Martha M.|
|School:||Nova Southeastern University|
|Department:||Information Assurance (DIA)|
|School Location:||United States -- Florida|
|Source:||DAI-A 82/9(E), Dissertation Abstracts International|
|Subjects:||Information Technology, Organizational behavior, Business administration|
|Keywords:||Information assurance, Information systems, Privacy, Perceived risk, Internet access, U.S. Intelligence Community|
Copyright in each Dissertation and Thesis is retained by the author. All Rights Reserved
The supplemental file or files you are about to download were provided to ProQuest by the author as part of a
dissertation or thesis. The supplemental files are provided "AS IS" without warranty. ProQuest is not responsible for the
content, format or impact on the supplemental file(s) on our system. in some cases, the file type may be unknown or
may be a .exe file. We recommend caution as you open such files.
Copyright of the original materials contained in the supplemental file is retained by the author and your access to the
supplemental files is subject to the ProQuest Terms and Conditions of use.
Depending on the size of the file(s) you are downloading, the system may take some time to download them. Please be