Exploring universities' information systems security awareness in a changing higher education environment : a comparative case study research

The use of technical information system security measures may prove insufficient in protecting information assets if proper and adequate information security awareness is not maintained. The quantity of in-depth studies concerning the organizational aspect of information security is very limited. Th...

Full description

Bibliographic Details
Main Author: Marks, Adam A.
Published: University of Salford 2007
Subjects:
Online Access:http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.575037
Description
Summary:The use of technical information system security measures may prove insufficient in protecting information assets if proper and adequate information security awareness is not maintained. The quantity of in-depth studies concerning the organizational aspect of information security is very limited. The number of these studies within higher education is even more limited. This limited attention is even more apparent in the case of developing countries where factors such as lack of infrastructure, lack of resources, lack of knowledge, and other language and sociological barriers may come into play. In an effort to improve the quality of higher education, the UAE has witnessed, in the recent few years, the establishment of a number of U.S. and other foreign higher education institutions branch campuses. In addition, while some of the UAE local higher education institutions have been seeking US accreditation or affiliation, others have adopted a North American system of higher education. The purpose of this study is to explore the different information systems security threats and the levels of information systems security awareness of information systems decision maker and personnel in higher education within the context of a developing country, namely the UAE, compared to those of developed countries, namely the UK and the US. To conduct the research, an interpretive case-study approach was employed using multiple data gathering instruments. In sum, this thesis present information, implications, and recommendations obtained from an evaluation of the current information systems security practices within the examined higher education environments. It is from this information that a clear picture emerges of the present role of technology. The findings of this thesis could also be transferred to other higher education settings that share similar goals and attributes.