Faculty of Economics and Business Administration Publications Database

How Information Security Requirements Stress Employees

Haag, Steffi
Link External Source: Online Version
Year: 2016
Keywords: Security-related stress; IS security; ISP compliance intention; Technostress

To increase information security awareness among their workforce and to achieve secure information systems (IS), decision-makers employ measures of information security, such as security policies or associated training and educational programs. However, these information security measures might also put stress on employees, so-called security-related stress, for instance, if they are perceived as difficult to understand, as an invasion of privacy, or if they give rise to conflicts of interest.
While previous IS security research directly applies the existing concept of technostress to the security context, we develop and validate a more specific and holistic construct of security-related stress manifested in multidimensional stressors of individuals’ work, personal, and social environment. A first empirical test with 165 participants does not only confirm the newly identified sub-dimensions, but also shows mixed effects of the interrelated but distinct sub-dimensions of security-related stress on information security policy compliance intention.