Towards Minimizing Human Factors In End-User Information Security

Today, many hardware and software solutions are available to enhance information security, however, little is known about the human factor in information security. Other researchers have revealed that the application of information security technologies alone does not always result in improved security. Human factors immensely contribute to the security of information systems. This paper addresses the missing link in information security, that is, the end-user working with the information system. In this study, a survey was carried out in two state universities in order to establish the human factors that compromise information security. Human factors affecting end user security were divided into four categories namely, Social Engineering, Carelessness, Bad Password behavior and Security training.