End User Security Training for Identification and Access Management

Authors:
Tonia San Nicolas-Rocca;Lorne Olfman
Affiliations:
School of Library and Information Science, San Jose State University, San Jose, CA, USA;Center for Information Systems and Technology, Claremont Graduate University, Claremont, CA, USA
Venue:
Journal of Organizational and End User Computing
Year:
2013

Citing 17
Cited 0

Can the field of MIS be disciplined?

Communications of the ACM
Assessing the value of information

ICIS '89 Proceedings of the tenth international conference on Information Systems
The importance of learning style in end-user training

MIS Quarterly
Controlling prototype development through risk analysis

MIS Quarterly
Diversity in information systems action research methods

European Journal of Information Systems
Rethinking end-user training strategy: applying a hierarchical knowledge-level model

Journal of End User Computing - Special issue on end user computing: clarity, change, choice
Secrets & Lies: Digital Security in a Networked World

Secrets & Lies: Digital Security in a Networked World
Deploying and Using Public Key Technology: Lessons Learned in Real Life

IEEE Security and Privacy
Perceived usefulness, perceived ease of use, and user acceptance of information technology

MIS Quarterly
Special issue on action research in information systems: making is research relevant to practice--foreword

MIS Quarterly
Design principles for competence management systems: a synthesis of an action research study

MIS Quarterly
Fear appeals and information security behaviors: an empirical study

MIS Quarterly
Improving employees' compliance through information systems security training: an action research study

MIS Quarterly
A conceptual model for the process of IT innovation adoption in organizations

Journal of Engineering and Technology Management
Enterprise Systems Training Strategies: Knowledge Levels and User Understanding

Journal of Organizational and End User Computing
IS Security Policy Violations: A Rational Choice Perspective

Journal of Organizational and End User Computing
CISSP All-in-One Exam Guide

CISSP All-in-One Exam Guide

Quantified Score

Hi-index	0.00

Visualization

Abstract

Identification and access management I/AM is among the top security issues facing institutions of higher education. Most institutions of higher education require end users to provide usernames and passwords to gain access to personally identifiable information PII. This leaves universities vulnerable to unauthorized access and unauthorized disclosure of PII as, according to recent literature, usernames and passwords alone are insufficient for proper authentication of users into information and information systems. This study examines a critical element in the successful implementation of any information security initiative, end user training. Specifically, this study advances research in the area of end user security training by using canonical action research CAR to develop and refine an IT security training framework that can guide institutions of higher education in the implementation of USB security tokens for two-factor authentication using public key infrastructure PKI.