Browse by author
Lookup NU author(s): Dr Simon Parkin, Professor Aad van Moorsel
Recent strides in usability research have produced various solutions to assist computer users during interactions with IT security mechanisms. However, the usability concerns of users within organisations are not considered or simply not apparent to the one individual who can effect change, the IT security manager. Ideally these concerns would resonate with the IT security manager, and here we explore how that can be realised, through the design of a password policy decision-support tool. During two 2-hour sessions, 3 IT security managers discussed with us our mock-up prototypes and a range of potential usage scenarios (e.g. cloud-based password-cracking attacks and “hot desking” initiatives). We find that the experience of the end-user is currently not appropriately represented within the IT security manager’s decision-making process, where the financial costs/benefits and business impacts of information security controls are foremost. Our tool design process elicits findings to help develop mechanisms to visualise these tradeoffs.
Author(s): Parkin S, van Moorsel A, Inglesant P, Sasse MA
Publication type: Report
Publication status: Published
Series Title: School of Computing Science Technical Report Series
Year: 2010
Pages: 18
Print publication date: 01/07/2010
Source Publication Date: July 2010
Report Number: 1209
Institution: School of Computing Science, University of Newcastle upon Tyne
Place Published: Newcastle upon Tyne
URL: http://www.cs.ncl.ac.uk/publications/trs/papers/1209.pdf