TY - GEN
T1 - Shadow-IT system and insider threat
T2 - 20th International Conference on HCI, HCI International 2018
AU - Shaikh, Asif
N1 - Publisher Copyright:
© Springer International Publishing AG, part of Springer Nature 2018.
PY - 2018
Y1 - 2018
N2 - Shadow IT is taken as a key example of unauthorized use of IT resources/tools and is defined as collaborative systems for communication and sharing content among employees of an organization. Currently, organizations are struggling to understand the threats to their sensitive information assets and the necessary means to combat them. This research study seeks to understand such specific threats posed by insiders in an organizational context that facilitate such unauthorized use of Information technology. Using a survey design, this document systematically attempts to measure the fraud risk to Personally Identifiable Information (PII) as identity (ID) theft from insiders in varying security environments. By integrating the opportunity dimension, as explained in a fraud triangle, and the organizational context of insider threat to sensitive information, this research will present a theoretical model that may help explain the relationship between the various aspects of Shadow-IT system and the potential opportunity for the fraudulent behavior from respective shadow users.
AB - Shadow IT is taken as a key example of unauthorized use of IT resources/tools and is defined as collaborative systems for communication and sharing content among employees of an organization. Currently, organizations are struggling to understand the threats to their sensitive information assets and the necessary means to combat them. This research study seeks to understand such specific threats posed by insiders in an organizational context that facilitate such unauthorized use of Information technology. Using a survey design, this document systematically attempts to measure the fraud risk to Personally Identifiable Information (PII) as identity (ID) theft from insiders in varying security environments. By integrating the opportunity dimension, as explained in a fraud triangle, and the organizational context of insider threat to sensitive information, this research will present a theoretical model that may help explain the relationship between the various aspects of Shadow-IT system and the potential opportunity for the fraudulent behavior from respective shadow users.
KW - Information security
KW - Sensitive information
KW - Shadow-IT system
UR - https://www.scopus.com/pages/publications/85061524567
U2 - 10.1007/978-3-319-92285-0_44
DO - 10.1007/978-3-319-92285-0_44
M3 - Conference contribution
AN - SCOPUS:85061524567
SN - 9783319922843
T3 - Communications in Computer and Information Science
SP - 314
EP - 317
BT - HCI International 2018 – Posters’ Extended Abstracts - 20th International Conference, HCI International 2018, Proceedings
A2 - Stephanidis, Constantine
PB - Springer Verlag
Y2 - 15 July 2018 through 20 July 2018
ER -