Format

Send to

Choose Destination

See 1 citation found by title matching your search:

Appl Ergon. 2007 Mar;38(2):143-54. Epub 2006 Jun 19.

Human errors and violations in computer and information security: the viewpoint of network administrators and security specialists.

Author information

1
Department of Industrial and Systems Engineering, Center for Quality and Productivity Improvement, University of Wisconsin-Madison, 610 Walnut Street 575 WARF, Madison, WI 53726, USA. skraemer@cqpi.engr.wisc.edu

Abstract

This paper describes human errors and violations of end users and network administration in computer and information security. This information is summarized in a conceptual framework for examining the human and organizational factors contributing to computer and information security. This framework includes human error taxonomies to describe the work conditions that contribute adversely to computer and information security, i.e. to security vulnerabilities and breaches. The issue of human error and violation in computer and information security was explored through a series of 16 interviews with network administrators and security specialists. The interviews were audio taped, transcribed, and analyzed by coding specific themes in a node structure. The result is an expanded framework that classifies types of human error and identifies specific human and organizational factors that contribute to computer and information security. Network administrators tended to view errors created by end users as more intentional than unintentional, while errors created by network administrators as more unintentional than intentional. Organizational factors, such as communication, security culture, policy, and organizational structure, were the most frequently cited factors associated with computer and information security.

PMID:
16782040
DOI:
10.1016/j.apergo.2006.03.010
[Indexed for MEDLINE]

Supplemental Content

Full text links

Icon for Elsevier Science
Loading ...
Support Center