Perceptions of Risk and Security Concerns with Mobile Devices using Biometric vs Traditional Authentication Methods

Authentication methods on mobile devices provide an important layer of security. Many types of authentication methods exist, some traditional and some biometric-based. In this study, we use a survey method to examine whether the presence and type of an authentication method affect perceptions of risk and security concerns around three specific types of mobile device actions: banking, health, and activities with personally identifiable information (PII). We also survey users’ general perceptions of trust, usefulness, convenience, and ease of use toward authentication methods, both traditional and biometric. We find that users’ perceptions of risk and security concerns change when users consider the type of authentication method present on a device. While traditional methods are still more familiar to most users, we also find that perceptions of biometric-based methods are more similar to perceptions of traditional methods than in the past

‘Collective intelligence’ is not necessarily present in virtual groups

When we communicate online, we miss an important element of group intelligence: social sensitivity, write Jordan B. Barlow and Alan R. Denni

Evaluating the Role of Trust in Adoption: A Conceptual Replication in the Context of Open Source Systems

This study is a conceptual replication of the Chandra, Srivastava, & Theng (2010) study on the role of trust in adopting a unique type of technology. Whereas Chandra et al. focused on mobile payment systems, we apply their theoretical model to the context of adopting open source software (OSS). Results are largely consistent and comparable with those of the original model; we also found that user trust plays a vital role in OSS adoption intention. However, two of the hypotheses had significantly different results in our model when compared to the original—specifically, perceived reputation did not have a significant impact on trust in the technology, and trust had a more powerful effect on the perceived usefulness of the technology. We argue that users’ expectations regarding trust are different depending on the type of technology that a user intends to adopt

Don’t Even Think About It! The Effects of Antineutralization, Informational, and Normative Communication on Information Security Compliance

Organizations use security education, training, and awareness (SETA) programs to counter internal security threats and promote compliance with information security policies. Yet, employees often use neutralization techniques to rationalize noncompliant behavior. We investigated three theory-based communication approaches that can be incorporated into SETA programs to help increase compliance behavior: (1) informational communication designed to explain why policies are important; (2) normative communication designed to explain that other employees would not violate policies; and (3) antineutralization communication designed to inhibit rationalization. We conducted a repeated measures factorial design survey using a survey panel of full-time working adults provided by Qualtrics. Participants received a SETA communication with a combination of one to three persuasion statements (informational influence, normative influence statement, and/or an antineutralization), followed by a scenario description that asked for their intentions to comply with the security policy. We found that both informational (weakly) and antineutralization communication (strongly) decreased violation intentions, but that normative communication had no effect. In scenarios where neutralizations were explicitly suggested to participants, antineutralization communication was the only approach that worked. Our findings suggest that we need more research on SETA techniques that include antineutralization communication to understand how it influences behavior beyond informational and normative communication

Organizational Violations of Externally Governed Privacy and Security Rules: Explaining and Predicting Selective Violations under Conditions of Strain and Excess

Privacy and security concerns are pervasive because of the ease of access to information. Recurrent negative cases in the popular press attest to the failure of current privacy regulations to keep consumer and protected health information sufficiently secure in today’s climate of increased IT use. One reason for such failure is that organizations violate these regulations for multiple reasons. To address this issue, we propose a theoretical model to explain the likelihood that organizations will select an externally governed privacy or security rule for violation in response to organizational strain or slack resources. Our proposed theoretical model, the selective organizational information privacy and security violations model (SOIPSVM), explains how organizational structures and processes, along with characteristics of regulatory rules, alter perceptions of risk when an organization’s performance does not match its aspiration levels and, thereby, affects the likelihood of rule violations. Importantly, we contextualize SOIPSVM to organizational privacy and security violations. SOIPSVM builds on and extends the selective organizational rule violations model (SORVM), which posits that organizational rule violations are selective. SOIPSVM provides at least four contributions to the privacy and security literature that can further guide empirical research and practice. First, SOIPSVM introduces the concept of selectivity in rule violations to privacy and security research. This concept can improve privacy and security research by showing that organizational violations of privacy and security rules are dynamic and selective yet influenced by external forces. Second, SOIPSVM extends the boundaries of SORVM, which is limited to explaining the behavior of organizations under strain, such as economic hardship. We contribute to the theory of selective deviance by proposing that selectivity extends to organizations with slack resources. Third, we address ideas of non-economic risk and strain in addition to economic risk and strain. Thus, SOIPSVM explains organizational rule-violating behavior as an attempt to protect core organizational values from external entities that pressure organizations to change their values to comply with rules. Fourth, we broaden the theoretical scope of two important constructs (namely, structural secrecy and procedural emphasis) to improve the model’s explanatory power. Fifth, we identify important elements of rule enforcement by drawing from the tenets of general deterrence theory. We also discuss how one can study constructs from general deterrence theory at the organizational level. To conclude, we offer recommendations for the structuring of organizations and external regulations to decrease organizational rule violations, which often lead to the abuse of consumer information

Overview and Guidance on Agile Development in Large Organizations

A continual debate surrounds the effectiveness of agile software development practices. Some organizations adopt agile practices to become more competitive, improve processes, and reduce costs. Other organizations are skeptical about whether agile development is beneficial. Large organizations face an additional challenge in integrating agile practices with existing standards and business processes. To examine the effects of agile development practices in large organizations, we review and integrate scientific literature and theory on agile software development. We further organize our theory and observations into a framework with guidelines for large organizations considering agile methodologies. Based on this framework, we present recommendations that suggest ways large organizations with established processes can successfully implement agile practices. Our analysis of the literature and theory provides new insight for researchers of agile software development and assists practitioners in determining how to adopt agile development in their organizations

Overview and Guidance on Agile Development in Large Organizations

A continual debate surrounds the effectiveness of agile software development practices. Some organizations adopt agile practices to become more competitive, improve processes, and reduce costs. Other organizations are skeptical about whether agile development is beneficial. Large organizations face an additional challenge in integrating agile practices with existing standards and business processes. To examine the effects of agile development practices in large organizations, we review and integrate scientific literature and theory on agile software development. We further organize our theory and observations into a framework with guidelines for large organizations considering agile methodologies. Based on this framework, we present recommendations that suggest ways large organizations with established processes can successfully implement agile practices. Our analysis of the literature and theory provides new insight for researchers of agile software development and assists practitioners in determining how to adopt agile development in their organizations

Spectral analysis on infinite Sierpinski fractafolds

A fractafold, a space that is locally modeled on a specified fractal, is the fractal equivalent of a manifold. For compact fractafolds based on the Sierpinski gasket, it was shown by the first author how to compute the discrete spectrum of the Laplacian in terms of the spectrum of a finite graph Laplacian. A similar problem was solved by the second author for the case of infinite blowups of a Sierpinski gasket, where spectrum is pure point of infinite multiplicity. Both works used the method of spectral decimations to obtain explicit description of the eigenvalues and eigenfunctions. In this paper we combine the ideas from these earlier works to obtain a description of the spectral resolution of the Laplacian for noncompact fractafolds. Our main abstract results enable us to obtain a completely explicit description of the spectral resolution of the fractafold Laplacian. For some specific examples we turn the spectral resolution into a "Plancherel formula". We also present such a formula for the graph Laplacian on the 3-regular tree, which appears to be a new result of independent interest. In the end we discuss periodic fractafolds and fractal fields

GATA4 controls regionalization of tissue immunity and commensal-driven immunopathology

There is growing recognition that regionalization of bacterial colonization and immunity along the intestinal tract has an important role in health and disease. Yet, the mechanisms underlying intestinal regionalization and its dysregulation in disease are not well understood. This study found that regional epithelial expression of the transcription factor GATA4 controls bacterial colonization and inflammatory tissue immunity in the proximal small intestine by regulating retinol metabolism and luminal IgA. Furthermore, in mice without jejunal GATA4 expression, the commensal segmented filamentous bacteria promoted pathogenic inflammatory immune responses that disrupted barrier function and increased mortality upon Citrobacter rodentium infection. In celiac disease patients, low GATA4 expression was associated with metabolic alterations, mucosal Actinobacillus, and increased IL-17 immunity. Taken together, these results reveal broad impacts of GATA4-regulated intestinal regionalization on bacterial colonization and tissue immunity, highlighting an elaborate interdependence of intestinal metabolism, immunity, and microbiota in homeostasis and disease.</p

TRY plant trait database - enhanced coverage and open access

Plant traits-the morphological, anatomical, physiological, biochemical and phenological characteristics of plants-determine how plants respond to environmental factors, affect other trophic levels, and influence ecosystem properties and their benefits and detriments to people. Plant trait data thus represent the basis for a vast area of research spanning from evolutionary biology, community and functional ecology, to biodiversity conservation, ecosystem and landscape management, restoration, biogeography and earth system modelling. Since its foundation in 2007, the TRY database of plant traits has grown continuously. It now provides unprecedented data coverage under an open access data policy and is the main plant trait database used by the research community worldwide. Increasingly, the TRY database also supports new frontiers of trait-based plant research, including the identification of data gaps and the subsequent mobilization or measurement of new data. To support this development, in this article we evaluate the extent of the trait data compiled in TRY and analyse emerging patterns of data coverage and representativeness. Best species coverage is achieved for categorical traits-almost complete coverage for 'plant growth form'. However, most traits relevant for ecology and vegetation modelling are characterized by continuous intraspecific variation and trait-environmental relationships. These traits have to be measured on individual plants in their respective environment. Despite unprecedented data coverage, we observe a humbling lack of completeness and representativeness of these continuous traits in many aspects. We, therefore, conclude that reducing data gaps and biases in the TRY database remains a key challenge and requires a coordinated approach to data mobilization and trait measurements. This can only be achieved in collaboration with other initiatives