Getting their Hands Stuck in the Cookie Jar - Students’ Security Awareness in 1:1 Laptop Schools
2013 (English)In: International Journal of Public Information Systems, ISSN 1653-4360, Vol. 9, no 1, 1-18 p.Article in journal (Refereed) Published
This paper presents results from an ongoing research project studying schools that have implemented oneto- one-laptops (1:1). The research is interpretative and builds on interviews and survey-responses from students and teachers in two public 1:1 schools in Sweden. We are focusing on the students’ security awareness and compliance by researching into whether the students in 1:1 schools comply with the school’s information security policy (ISP). Theoretically, a security awareness perspective is drawn up based on three parts - formal, cognitive and behavioral awareness - that should be in parity with each other. This means that the students’ psychological perception and actual behavior should be in parity with the schools’ ISP. Our findings show that the schools have communicated their ISPs well and that the students’ security awareness in most areas is equivalent to the schools’ ISPs. However, we also found many instances where it was not the case that the formal, cognitive and behavioral security awareness were in parity with each other. In the analysis of the students’ behavioral security awareness we found that despite the fact that they were aware of the rules they occasionally violated them – most notably when file-sharing and th downloading of software were involved. We conclude by arguing that non-compliance can only be understood based on an understanding of the students’ underlying reason for following or not following the policies and regulations, and that in order to create a secure information environment, school manager must talk to the students to understand their reasoning. In a situation where 1:1 is spreading rapidly amon schools, studies regarding students’ security awareness and behavior are urgent, but so far the field is under-examined.
Place, publisher, year, edition, pages
2013. Vol. 9, no 1, 1-18 p.
Security awareness, public schools, 1:1 laptops, security compliance, case study
Information Systems, Social aspects
IdentifiersURN: urn:nbn:se:liu:diva-102230OAI: oai:DiVA.org:liu-102230DiVA: diva2:675533