Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Wednesday August 12 2015, @01:07PM   Printer-friendly
from the I-shouldn't-tell-you-this,-but dept.

Researchers from Simon Fraser University's Beedie School of Business have found that organizations implementing rules that govern confidential information (CI) can make it difficult for employees to fulfill their roles – resulting in rule breaking or bending.

Their paper, "Why and How Do Employees Break and Bend Confidential Information Protection Rules?" was co-authored by Dave Hannah, an associate professor in the Beedie School and Kirsten Robertson, an assistant professor at the University of the Fraser Valley, and published in the spring in the Journal of Management Studies.

The study examined two high-tech organizations that enforce CI protection rules. It found that these rules sometimes proved to be restrictive for employees, forcing them to choose between rule compliance and working efficiently.

Employees were often required to break the rules in order to carry out their jobs effectively, or bend them in ways that enabled them to meet some rule requirements.

"Many organizations rely on CI – the formula for Coca Cola, for example – which they must entrust to employees to allow them to do their jobs," says Hannah.

"Yet as soon as employees know this CI they become a potential vulnerability, forcing organizations to put in place rules to protect their CI that employees must follow."

The researchers found that by implementing CI rules they can create three types of tension among employees: obstruction tension, making it difficult for people to work; knowledge network tension, disrupting information flow in personal networks; and identity tension, where employees cannot fulfill the role with which they identify.

The study revealed that employees react to these types of tension by breaking or bending the rules in specific ways: shortcutting, circumventing rules that slowed work; conspiring, where they work together to get around rules; and selectively disclosing, where they allow external networks access to certain aspects of the CI.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1, Insightful) by Anonymous Coward on Wednesday August 12 2015, @08:54PM

    by Anonymous Coward on Wednesday August 12 2015, @08:54PM (#221915)

    > Getting it done will always trump doing it right.

    Good security makes the 'easy path' the secure path.
    Bad security makes the 'easy path' an insecure path.

    Starting Score:    0  points
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  

    Total Score:   1