Users are not the enemy

Many system security departments treat users as a security risk to be controlled. The general consensus is that most users are careless and unmotivated when it comes to system security. In a recent study, we found that users may indeed compromise computer security mechanisms, such as password authentication, both knowing and unknowingly. A closer analysis, however, revealed that such behavior is often caused by the way in which security mechanisms are implemented, and users ’ lack of knowledge. We argue that to change this state of affairs, security departments need to communicate more with users, and adopt a user-centered design approach

Faktor Motivasi Generasi Z Dalam Mengadopsi Fintech : Teori Fokus Regulasi

Penelitian ini bertujuan untuk menguji faktor – faktor yang mempengaruhi niat untuk tetap menggunakan financial technology. Responden penelitian ini merupakan generasi z di Indonesia, dengan menggunakan kuisioner dan diuji dengan program smartpls. Hasil penelitian menemukan bahwa fokus promosi yang digambarkan oleh variabel keuntungan ekonomi, seamless transaction, kenyaman memiliki pengaruh signifikan terhadap niat untuk tetap menggunakan fintech. Lebih lanjut, fokus pencegahan yang digambarkan oleh variabel kerahasiaan dan perlindungan privasi tidak memiliki pengaruh signifikan terhadap niat untuk tetap menggunakan fintech. Hal ini menggambarkan bahwa generasi z akan menggunakan faktor emosionalakan promosi yang ditawarkan oleh layanan fintech

Security and Online learning: to protect or prohibit

The rapid development of online learning is opening up many new learning opportunities. Yet, with this increased potential come a myriad of risks. Usable security systems are essential as poor usability in security can result in excluding intended users while allowing sensitive data to be released to unacceptable recipients. This chapter presents findings concerned with usability for two security issues: authentication mechanisms and privacy. Usability issues such as memorability, feedback, guidance, context of use and concepts of information ownership are reviewed within various environments. This chapter also reviews the roots of these usability difficulties in the culture clash between the non-user-oriented perspective of security and the information exchange culture of the education domain. Finally an account is provided of how future systems can be developed which maintain security and yet are still usable

Information Availability and Security Policy

Information availability is a key element of information security. However, information availability has not been addressed with the same enthusiasm as confidentiality and integrity because availability is impacted by many variables which cannot easily be controlled. The principal goal of this research is to characterize information availability in detail and investigate how effective enterprise security policy can ensure availability

Risk-based assessment of the surety of information systems

Correct operation of an information system requires a balance of ``surety`` domains -- access control (confidentiality), integrity, utility, availability, and safety. However, traditional approaches provide little help on how to systematically analyze and balance the combined impact of surety requirements on a system. The key to achieving information system surety is identifying, prioritizing, and mitigating the sources of risk that may lead to system failure. Consequently, the authors propose a risk assessment methodology that provides a framework to guide the analyst in identifying and prioritizing sources of risk and selecting mitigation techniques. The framework leads the analyst to develop a risk-based system model for balancing the surety requirements and quantifying the effectiveness and combined impact of the mitigation techniques. Such a model allows the information system designer to make informed trade-offs based on the most effective risk-reduction measures

Making Passwords Secure and Usable

To date, system research has focused on designing security mechanisms to protect systems access although their usability has rarely been investigated. This paper reports a study in which users’ perceptions of password mechanisms were investigated through questionnaires and interviews. Analysis of the questionnaires shows that many users report problems, linked to the number of passwords and frequency of password use. In-depth analysis of the interview data revealed that the degree to which users conform to security mechanisms depends on their perception of security levels, information sensitivity and compatibility with work practices. Security mechanisms incompatible with these perceptions may be circumvented by users and thereby undermine system security overall