Abstract
The purpose of information systems (IS) security behavior, represented by the difference between work and personal purpose, has been neglected in the research of user's IS security behavior. This is especially important for the organizations that allow or inevitably allow their employees to do personal tasks during work hours, because it may bring big threats to an organization's IS. Unfortunately, few empirical studies have examined if different behavioral purpose, typically, work/personal purpose, affects users' IS security behavior decision. Based on boundary theory and the idea of multidimensional rationality, we argue that people demarcate a psychological boundary for work and personal usages of IS and thus apply different rationalities to make IS security-related decisions. Our empirical investigation indicates that in a work usage context, people apply rule-based rationality and therefore are more influenced by mandatoriness and facilitating conditions. Whereas in a personal usage context, people apply outcome-based rationality and therefore are more concerned with task benefits and costs. The findings imply that organizations and vendors may devise different measures to ensure users' IS security behavior in different contexts.
Highlights
In recent years, researchers have continued to stress the human aspect of security issues in information systems (IS)
Compared to the covariance-based structural models, Partial Least Squares (PLS) is more flexible and is more appropriate for exploratory studies that have a goal of finding new theories or extending the current literature to new contexts [61]
We found that facilitating conditions do not influence IS security behavior in a personal context, which is consistent with Ng and Rahim [36]
Summary
Researchers have continued to stress the human aspect of security issues in information systems (IS). Some studies have been conducted for work [1]–[4] and personal contexts [5], [6]. These previous studies suggested that human errors can seriously threaten both organizational and personal IS. Some scholars further suggest that IS security faces more challenges than ever before due to the pervasive use of information technology (IT) for both work and personal purposes [6]. According to a 2011 Ponemon Institute study, 63% of companies’ IT staff believe that employees’
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
