Volitional non-malicious insider threats: At the intersection of COVID-19, WFH and cloud-facilitated shadow-apps

Patricia Akello, Nicole Lang Beebe, Kim Kwang Choo Raymond

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

2 Scopus citations

Abstract

In 2020, business operations were changed around the world due to disruptions of COVID-19, forcing organizations to migrate their workforce to a new Work From Home (nWFH) model quickly, and with limited planning, design or testing. As a result, new data security threats have emerged. This study aims to examine an insider-related threat to organizational data due to a self-support model of computing facilitated and accelerated by the mainstream proliferation of convenient, affordable and easily accessible cloud-based applications. Shadow Information Technology is a “double edged sword”-on the one end it boasts benefits of improved job performance, productivity, and cost savings, while on the other end it poses security threats. Moreover, with COVID-19 and nWFH, risks abound as established formal structures of the traditional workplace which reinforces data security policies and procedures are diminished. This gives employees more leeway to leverage unapproved apps with unvetted risk profiles for work-related tasks with the risk of introducing vulnerabilities into the work environment. We examine this issue through the lens of Theory of Planned Behavior (TPB) and General Strain Theory (GST), looking at it from the volitional non-malicious Insider Threat perspective. Study context is nWFH model against the backdrop of COVID-related strains. Expected contribution is in the areas of Insider Threats, Data Security, Shadow IT and Cloud Security. From a theoretical standpoint, the study aims to incorporate GST with the TPB in an attempt to increase its explanatory power while attempting to remedy one of its stated limitations.

Original languageEnglish
Title of host publication27th Annual Americas Conference on Information Systems, AMCIS 2021
PublisherAssociation for Information Systems
ISBN (Electronic)9781733632584
StatePublished - 2021
Event27th Annual Americas Conference on Information Systems, AMCIS 2021 - Virtual, Online
Duration: Aug 9 2021Aug 13 2021

Publication series

Name27th Annual Americas Conference on Information Systems, AMCIS 2021

Conference

Conference27th Annual Americas Conference on Information Systems, AMCIS 2021
CityVirtual, Online
Period08/9/2108/13/21

Keywords

  • Cloud
  • Cloud security
  • Covid-19
  • Insider threats
  • Shadow IT
  • Work from home

Fingerprint

Dive into the research topics of 'Volitional non-malicious insider threats: At the intersection of COVID-19, WFH and cloud-facilitated shadow-apps'. Together they form a unique fingerprint.

Cite this