Computer security control practices: views of future employees in Malaysia

Threats in computerized working environment are getting serious attention by many companies around the world. These threats among others include; highly important data loss, misuse of companies’ computer facilities, and equipment damages due to negligence by the employees. Due to these threats, it i...

Full description

Bibliographic Details
Main Authors: Zainol, Zaini, Puat Nelson, Sherliza
Format: Conference or Workshop Item
Language:English
Published: 2015
Subjects:
Online Access:http://irep.iium.edu.my/43615/
http://irep.iium.edu.my/43615/12/programme-book%2Bpaper%2Bacceptance_letter-zaini-zainol.pdf
Description
Summary:Threats in computerized working environment are getting serious attention by many companies around the world. These threats among others include; highly important data loss, misuse of companies’ computer facilities, and equipment damages due to negligence by the employees. Due to these threats, it is timely to install awareness and educate future employees on how to better safeguard companies’ properties especially the information technology resources like computers. In light of this, it calls for a growing need of research to investigate the existing practices of computer security controls in four domains namely; (1) data security controls,(2) software and access security controls, (3) hardware and physical access controls and (4) output security controls. Business students who enrolled in accounting, economics, and finance and business degrees are chosen as proxies for future employees in corporate organizations. In total, 346 questionnaires were distributed to students at the Faculty of Economics and Management Sciences in one university in Malaysia. These students were required to indicate their existing behaviour or practices with regard to their own personal computer’s administration within the four mentioned domains. Our findings indicate that majority of the students were concerned about their computer’s security controls. However, it is of our concern to find that, there were students who put little attention on their computers’ security. And hence, posed potential threats to their future employers. Our recommendations are higher learning institutions should continuously stress the importance of practicing good security controls in their education, and instill security governance awareness in IT usage to their students.