Psychological theories and their applicability in resolving issues with unauthorised computer access
Masters Thesis
Title | Psychological theories and their applicability in resolving issues with unauthorised computer access |
---|---|
Type | Masters Thesis |
Authors | |
Author | Howard, Angela A. M. |
Supervisor | Gururajan, Raj |
Hafeez-Baig, Abdul | |
Institution of Origin | University of Southern Queensland |
Qualification Name | Master of Business (Research) |
Number of Pages | 186 |
Year | 2011 |
Abstract | Literature has shown that technical solutions are not completely successful in securing information systems from intruders. Previous attempts to develop hacker profiles are still incomplete and time consuming to apply. Prior studies in social engineering and expectancy theory have shown that they can address some of the issues organisations are encountering, especially in employees disclosing sensitive organisational data. Therefore, using these studies in an organisational context may provide clues to how the disclosure of information can be contained. This aspect was posited in the main research question: How can education affect the process of preventing social engineering to minimise the success of unauthorised intrusion? While answering the main research question, due to time constraints, this study focussed only on social engineering as the main cause of disclosing organisational data. This aspect was determined using psychological theories and their applicability in resolving issues with unauthorised computer access. Qualitative approach was used as the main data collection technique and two focus groups were employed in collecting data. The University of Southern Queensland was used as the case organisation and suitable samples were drawn for a 2 x 90‐minute focus group sessions. The qualitative data were analysed using two prominent text analysis applications, namely, Leximancer 3.5 and NVivo 8. This qualitative data analysis identified 5 crucial themes. These themes are security awareness, unauthorised access, social engineering, policies and procedures, and education. It is inferred from the data that changes in the way policies and procedures implemented can have marked improvement in security aspects, especially in containing the leakage of organisational data. Thus, this research can assert that a change in policies and procedures can have an impact on unauthorised access. New findings of the study include that staff are proactively looking for more secure ways in their processing and creating new procedures as they go, and that there seems to be a disconnect between access to information systems and the organisational data. Future research can expand on the model created for this research and focus on expectancy theory as well as quantitative methodology so that outcomes can be generalised. |
Keywords | unauthorised computer access; psychological theories; applicability; University of Southern Queensland; |
ANZSRC Field of Research 2020 | 469999. Other information and computing sciences not elsewhere classified |
Byline Affiliations | School of Information Systems |
https://research.usq.edu.au/item/q1v98/psychological-theories-and-their-applicability-in-resolving-issues-with-unauthorised-computer-access
Download files
1936
total views1065
total downloads0
views this month0
downloads this month