Advanced search
Publication Cover
International Journal of Human–Computer Interaction Volume 32, 2016 - Issue 7
Submit an article Journal homepage
551
Views
8
CrossRef citations to date
0
Altmetric
Articles

Nontechnical Deterrence Effects of Mild and Severe Internet Use Policy Reminders in Reducing Employee Internet Abuse

Morgan M. ShepherdCollege of Business, University of Colorado–Colorado Springs, Colorado Springs, Colorado, USACorrespondence[email protected]
View further author information
&
Roberto J. MejiasHasan School of Business and Colorado State University–Pueblo, Pueblo, Colorado, USAView further author information
Pages 557-567 | Published online: 26 May 2016

References

  • Akman, I., & Alok, M. (2010). Gender, age and income differences in Internet usage among employees in organizations. Computers in Human Behavior, 26(3), 482–490.
  • Beccaria, C. (1963). Essays on crimes and punishment. New York, NY: Macmillan.
  • Becker, G. S. (1974). Essays in the economics of crime and punishment. Cambridge, MA: National Bureau of Economic Research.
  • Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Information security policy compliance: An empirical study of rationality-based beliefs and information system awareness. MIS Quarterly, 34(3), 523–548.
  • Chen, Y., Ramamurthy, K., & Wen, K. W. (2012). Organizations’ information security policy compliance: Stick or carrot approach? Journal of Management Information Systems, 29(3), 157–188.
  • Ciampa, M. (2012). Security+ guide to network security fundamentals (4th ed.). Boston, MA: Course Technology, Cengage Learning.
  • Conner, C. (2013). Who wastes the most time at work? Forbes. Retrieved from http://www.forbes.com/sites/cherylsnappconner/2013/09/07/who-wastes-the-most-time-at-work/
  • D’Arcy, J., & Devaraj, S. (2012). Employee misuse of information technology resources: Testing a contemporary deterrence model. Decision Sciences, 43(6), 1091–1124.
  • D’Arcy, J., & Herath, T. (2011). A review and analysis of deterrence theory in the IS security literature: Making sense of the disparate findings. European Journal of Information Systems, 20(6), 643–658.
  • D’Arcy, J., Hovav, A., & Galletta, D. F. (2009). User awareness of security countermeasures and its impact on information systems misuse: A deterrence approach. Information Systems Research, 20(1), 79–98.
  • Eisenhardt, K. M. (1989). Agency theory: An assessment and review. Academy of Management Review, 14(1), 57–74.
  • Gibbs, J. P. (1975). Crime, punishment, and deterrence. New York, NY: Elsevier.
  • Glassman, J., Prosch, M., & Shao, B. (2015). To monitor or not to monitor: Effectiveness of a cyberloafing countermeasure. Information & Management, 52(2), 170–182.
  • Henle, C. A., Kohut, G., & Booth, R. (2009). Designing electronic use policies to enhance employee perceptions of fairness and to reduce cyber loafing. Computers in Human Behavior, 25(4), 902–910.
  • Herath, T., & Rao, H. R. (2009). Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness. Decision Support Systems, 47(2), 154–165.
  • Howard, P. E., Rainie, L., & Jones, S. (2001). Days and nights on the internet: The impact of a diffusing technology. American Behavioral Scientist, 45(3), 383–404.
  • Jensen, M. C., & Meckling, W. H. (1976). Theory of the firm: Managerial behavior, agency costs and ownership structure. Journal of Financial Economics, 3(4), 305–360.
  • Johnson, J., & Ugray, Z. (2007). Employee internet abuse: Policy versus reality. Issues in Information Systems, 8(2), 214–219.
  • Kim, B. C., & Yong, W. P. (2012). Security versus convenience? An experimental study of user misperceptions of wireless internet service quality. Decision Support Systems, 53(1), 1–11.
  • Kolkowska, E., & Dhillon, G. (2013). Organizational power and information security rule compliance. Computers & Security, 33, 3–11.
  • Lee, M. C., & Tsai, T. R. (2010). What drives people to continue to play online games? An extension of technology model and theory of planned behavior. International Journal of Human–Computer Interaction, 26(6), 601–620.
  • Li, H., Zhang, J., & Sarathy, R. (2010). Understanding compliance with internet use policy from the perspective of rational choice theory. Decision Support Systems, 48, 635–645.
  • McCarthy, B. (2002). New economics of sociological criminology. Annual Review of Sociology, 28(1), 417–442.
  • Mejias, R. J., & Balthazard, P. (2014). A model of information security awareness for assessing information security risk. Journal of Information Privacy and Security, 10, 1–26.
  • Mejias, R. J., & Harvey, M. (2012). A case for information security awareness programs (ISA) to protect global information, innovation and knowledge resources. International Journal of Transitions and Innovation Systems, 2(3–4), 302–324.
  • NIST (National Institute of Standards and Technology) (2006). NIST-100, Technology Administration, U.S. Dept. of Commerce, Information Security Handbook: A Guide for managers, prepared by Bowen, P., Hash, J., & Wilson, M. Gaithersburg, MD: NIST.
  • Paternoster, R., & Simpson, S. (1996). Sanction threats and appeals to morality: Testing a rational choice model of corporate crime. Law & Society Review, 30(3), 549–584.
  • Peace, A. G., Galletta, D., & Thong, J. (2003). Software piracy in the workplace: A model and empirical test. Journal of Management Information Systems, 20(1), 153–177.
  • Pfleeger, S. L., & Caputo, D. D. (2012). Leveraging behavioral science to mitigate cyber-security risk. Computers & Security, 31(4), 597–611.
  • Png, I. P. L., Wang, C. Y., & Wang, Q. H. (2008). The deterrent and displacement effects of info security enforcement: International evidence. Journal of Management Information Systems, 25(2), 125–144.
  • Pratt, T. C., Cullen, F. T., Blevis, K. R., Daigle, L. E., & Madensen, T. D. (2006). The empirical status of deterrence theory: A meta-analysis. In In F. T. Cullen, J. Wright, & K. Blevins (Eds.), Taking stock: Status of criminological theory (pp. 37–76). New Brunswick, NJ: Transaction Publishers.
  • Sawik, T. (2013). Selection of optimal countermeasure portfolio in it security planning. Decision Support Systems, 55, 156–164.
  • Shepherd, M., & Klein, G. (2012). Using deterrence to mitigate employee internet abuse. In Proceedings of the 44th Annual Hawaii International Conference on Systems Sciences (HICSS). Waikola, HI: IEEE.
  • Shepherd, M. M., Mejias, R. J., & Klein, G. (2014). A longitudinal study to determine the effects of non-technical deterrence on reducing employee Internet abuse frequency. In Proceedings of the 47th Hawaii International Conference on Systems Sciences (pp. 3159–3168). Waikola, HI: IEEE.
  • Shih, D. F., Hsu, S. F., Yen, D. D., & Lin, C. C. (2012). Exploring the individual’s behavior on self-disclosure online. International Journal of Human–Computer Interaction, 28, 627–645.
  • Shu, Q., Tu, Q., & Wang, K. (2011). The impact of computer self-efficacy and technology dependence on computer-related technostress: A social cognitive theory perspective. International Journal of Human–Computer Interaction, 27(10), 923–939.
  • Siponen, M., & Vance, A. (2010). Neutralization: New insights into the problem of employee information systems security policy violations. MIS Quarterly, 34(3), 487–502.
  • Van Schaik, P., & Ling, J. (2005). Five psychometric scales for online measurement of the quality of human–computer interaction in web sites. International Journal of Human–Computer Interaction, 18(3), 309–322.
  • Vitak, J., Crouse, J., & LaRose, R. (2011). Personal internet use at work: Understanding cyber-slacking. Computers in Human Behavior, 27(5), 1751–1759.
  • Warkentin, M., Johnston, A. C., & Shropshire, J. (2011). The influence of the informal social learning environment on information privacy policy compliance efficacy and intention. European Journal of Information Systems, 20(3), 267–284.
  • Wenzel, M. (2004). The social side of sanctions: Personal and social norms as moderators of deterrence. Law and Human Behavior, 28(5), 547–567.
  • Whitman, M. E., & Mattord, H. J. (2012). Principles of information security (4th ed.). Boston, MA: Thompson Course Technology.
  • Young, K. S., & Case, C. J. (2004). Internet abuse in the workplace: New trends in risk management. Cyber-Psychology and Behavior, 7(1), 105–111.

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.