Even if users do not read security directives, their behavior is not so catastrophic

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F22%3A00124955" target="_blank" >RIV/00216224:14330/22:00124955 - isvavai.cz</a>

Výsledek na webu

<a href="https://cacm.acm.org/magazines/2022/1/257441" target="_blank" >https://cacm.acm.org/magazines/2022/1/257441</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1145/3471928" target="_blank" >10.1145/3471928</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Even if users do not read security directives, their behavior is not so catastrophic

Popis výsledku v původním jazyce

We discuss an effort undertaken at Masaryk University (MU) – a Czech university with some 30.000 students – where we tried to improve our security directive to motivate users to follow it. From the research perspective, we also wanted to find out more about the current state of affairs from the user perspective: Do users (still not) follow the security policy? At the same time, the fact that our university IT infrastructure management had the intention to redesign the (outdated) security directive, constituted an ideal opportunity for us to deeper investigate the topic. And our initial faith has been hit hard – as we describe in some detail in this viewpoint, but it wasn’t a wasted effort at all. The data we obtained as a side effect shows a new perspective on this area.

Název v anglickém jazyce

Even if users do not read security directives, their behavior is not so catastrophic

Popis výsledku anglicky

We discuss an effort undertaken at Masaryk University (MU) – a Czech university with some 30.000 students – where we tried to improve our security directive to motivate users to follow it. From the research perspective, we also wanted to find out more about the current state of affairs from the user perspective: Do users (still not) follow the security policy? At the same time, the fact that our university IT infrastructure management had the intention to redesign the (outdated) security directive, constituted an ideal opportunity for us to deeper investigate the topic. And our initial faith has been hit hard – as we describe in some detail in this viewpoint, but it wasn’t a wasted effort at all. The data we obtained as a side effect shows a new perspective on this area.

Druh

J_ost - Ostatní články v recenzovaných periodicích

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

<a href="/cs/project/EF16_019%2F0000822" target="_blank" >EF16_019/0000822: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2022

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

Communications of the ACM

ISSN

0001-0782

e-ISSN

1557-7317

Svazek periodika

65

Číslo periodika v rámci svazku

1

Stát vydavatele periodika

US - Spojené státy americké

Počet stran výsledku

4

Strana od-do

37-40

Kód UT WoS článku

000731456200014

EID výsledku v databázi Scopus

2-s2.0-85122153281