Abstract
While prior research has examined the cognitive factors that influenced the information security behaviors of remote workers, little was known about the impact of the different work environments on these behaviors. Moreover, organizations and employees were abruptly forced to embrace working from home due to the ongoing COVID-19 pandemic, which created unprecedented problems and inconvenience in how employees perform daily work at home that could jeopardize organizational information security. This study adapts the technology-organization-environment (TOE) framework to investigate the factors that influence how employees in Vietnam protect organizational information security while working from home during the COVID-19 pandemic. Our qualitative findings drawn from in-depth interviews with 20 respondents reveal several factors that influence the employee protection of organizational InfoSec at home, such as the use of secure software for remote work, the flexible yet distracting work environment at home, and the lack of social interactions with colleagues that could demotivate personal information security efforts. We offer practical recommendations for organizations to prepare for flexible and secure workplaces in the future, especially to meet the continuing demand for working from home after the COVID-19 pandemic. In terms of theoretical implications, future studies are encouraged to focus on exploring the contextual and situational factors that influence employee information security behaviors.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Alzahrani, A. (2020). Coronavirus social engineering attacks: Issues and recommendations. International Journal of Advanced Computer Science and Applications, 11(5), 154–161.
Ayyagari, R., Grover, V., & Purvis, R. (2011). Technostress: Technological Antecedents and Implications. MIS Quarterly: Management Information Systems, 35(4), 831–858.
Bélanger, F., Watson-Manheim, M. B., & Swan, B. R. (2013). A multi-level socio-technical systems telecommuting framework. Behaviour and Information Technology, 32(12), 1257–1279.
Braun, V., & Clarke, V. (2006). Using thematic analysis in psychology. Qualitative Research in Psychology, 3(2), 77–101.
Chigada, J., & Madzinga, R. (2021). Cyberattacks and threats during COVID-19: A systematic literature review. SA Journal of Information Management, 23(1), 1–11.
Chowdhury, N. H., Adam, M. T. P., & Skinner, G. (2019). The impact of time pressure on cybersecurity behaviour: A systematic literature review. Behaviour and Information Technology, 38(12), 1290–1308.
Cooper, C. D., & Kurland, N. B. (2002). Telecommuting, professional isolation, and employee development in public and private organizations. Journal of Organizational Behavior, 23, 511–532.
Creswell, J.W. a., & Creswell, J.D. (2018). In Research Design: Qualitative, Quantitative, and Mixed Methods Approaches. 5th ed. SAGE Publications, Inc.,.
Crossler, R. E., Johnston, A. C., Lowry, P. B., Hu, Q., Warkentin, M., & Baskerville, R. L. (2013). Future directions for behavioral information security research. Computers & Security (32), Elsevier Ltd, 90–101.
D’Arcy, J., Herath, T., & Shoss, M. K. (2014). Understanding employee responses to stressful information security requirements: A coping perspective. Journal of Management Information Systems, 31(2), 285–318.
D’Arcy, J., & Hovav, A. (2008). Does one size fit all? Examining the differential effects of is security counter measures. Journal of Business Ethics, 89(S1), 59–71.
Dang-Pham, D., Pittayachawan, S., & Bruno, V. (2017). Why employees share information security advice? Exploring the contributing factors and structural patterns of security advice sharing in the workplace. Computers in Human Behavior, 67, 196–206.
Depietro, R., Wiarda, E., & Fleischer, M. (1990). The context for change: Organization, technology and environment. The Processes of Technological Innovation, 199, 151–175.
De’, R., Pandey, N., & Pal, A. (2020). Impact of digital surge during Covid-19 pandemic: A viewpoint on research and practice. International Journal of Information Management, 55(June).
Furnell, S., & Shah, J. N. (2020). Home working and cyber security—an outbreak of unpreparedness? Computer Fraud and Security, 2020(8), 6–12.
Gajendran, R. S., & Harrison, D. A. (2007). The good, the bad, and the unknown about telecommuting: Meta-analysis of psychological mediators and individual consequences. Journal of Applied Psychology, 92, 1524–1541.
Georgiadou, A., Mouzakitis, S., & Askounis, D. (2021). Working from home during COVID-19 Crisis: A cyber security culture assessment survey. Security Journal (2021).
Godlove, T. (2012). Examination of the factors that influence teleworkers’ willingness to comply with information security guidelines. Information Security Journal, 21(4), 216–229.
Hobbs, D., & Armstrong, J. (1998). An experimental study of social and psychological aspects of teleworking. Facilities, 16(12–13), 366–371.
Jain, T., Currie, G., and Aston, L. (2021). COVID and working from home: Long-term impacts and psycho-social determinants. Transportation Research Part A: Policy and Practice, 156, 52–68.
Kazekami, S. (2020). Mechanisms to improve labor productivity by performing telework. Telecommunications Policy, 44(2), 101868.
Laato, S., Islam, A. K. M. N., Islam, M. N., & Whelan, E. (2020). What drives unverified information sharing and cyberchondria during the COVID-19 pandemic? European Journal of Information Systems 29(3), 288–305.
Lallie, H. S., Shepherd, L. A., Nurse, J. R. C., Erola, A., Epiphaniou, G., Maple, C., & Bellekens, X. (2021). Cyber security in the age of COVID-19: A timeline and analysis of cyber-crime and cyber-attacks during the pandemic. Computers and Security, 105.
Li, Y., & Siponen, M. (2011). A call for research on home users' information security behaviour. In: 15th Pacific Asia Conference on Information Systems (PACIS).
Martin, B. H., & MacDonnell, R. (2012). Is telework effective for organizations? A meta-analysis of empirical research on perceptions of telework and organizational outcomes. Management Research Review, 35(7), 602–616.
Maslach, C., Schaufeli, W. B., & Leiter, M. P. (2001). Job burnout. Annual Review of Psychology, 52, 397–422.
Moen, P., Kelly, E. L., & Hill, R. (2011). Does enhancing work-time control and flexibility reduce turnover? A naturally occurring experiment. Social Problems, 58, 69–98.
Mwagwabi, F., & Jiow, J. H. (2021). Compliance with security guidelines in teenagers: The conflicting role of peer influence and personal norms. Australasian Journal of Information Systems, 25, 1–25.
Palanisamy, R., Norman, A. A., & Kiah, M. L. M. (2020). Compliance with bring your own device security policies in organizations: A systematic literature review. Computers and Security 98.
Pearlson, K. E., & Saunders, C. S. (2001). There’s no place like home: Managing telecommuting paradoxes. Academy of Management Executive, 15(2), 117–128.
Pham, H. C. (2019). Information security burnout: Identification of sources and mitigating factors from security demands and resources. Journal of Information Security and Applications, 46, Elsevier Ltd, 96–107.
Pollini, A., Callari, T. C., Tedeschi, A., Ruscio, D., Save, L., Chiarugi, F., & Guerri, D. (2021). Leveraging human factors in cybersecurity: An integrated methodological approach. Cognition, Technology and Work.
Rhee, H.-S. S., Kim, C., & Ryu, Y. U. (2009). Self-Efficacy in information security: Its influence on end users’ information security practice behavior. Computers & Security, 28 (8), 816– 826.
Safa, N. S., & Von Solms, R. (2016). An information security knowledge sharing model in organizations. Computers in Human Behavior, 57, 442–451.
Sardeshmukh, S. R., Sharma, D., & Golden, T. D. (2012). Impact of telework on exhaustion and job engagement. New Technology, Work and Employment, 27(3), 193–207.
Smite, D., Tkalich, A., Moe, N. B., Papatheocharous, E., Klotins, E., & Buvik, M. P. (2022). Changes in perceived productivity of software engineers during covid-19 pandemic: The voice of evidence. Journal of Systems and Software, 186, 1–14.
Viet Nam COVID-19 Situation Report #65. WHO. 30 October 2021. Retrieved 30 October 2021.
Warkentin, M., Johnston, A. C., & Shropshire, J. (2011). The influence of the informal social learning environment on information privacy policy compliance efficacy and intention. European Journal of Information Systems, 20(3), 267–284.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this chapter
Cite this chapter
Dang-Pham, D., Pham, H., Hoang, AP., Vo, DT., Nguyen, L.T.V. (2023). Protecting Organizational Information Security at Home During the COVID-19 Pandemic in Vietnam: Exploratory Findings from Technology-Organization-Environment Framework. In: Hoang Thuan, N., Dang-Pham, D., Le, HS., Phan, T.Q. (eds) Information Systems Research in Vietnam. Springer, Singapore. https://doi.org/10.1007/978-981-19-3804-7_6
Download citation
DOI: https://doi.org/10.1007/978-981-19-3804-7_6
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-3803-0
Online ISBN: 978-981-19-3804-7
eBook Packages: Business and ManagementBusiness and Management (R0)