SECReT 2010 PhD projects
Find a SECReT supervisor
Information for overseas students
View SECReT animation
Download SECReT brochure

Towards a usable and less disruptive security in the workplace

7 March 2012

Kat Krol

My PhD research will explore employees’ coping techniques with regard to security procedures. I will look at the problem at two levels. Firstly, at the Human-Computer Interaction (HCI) level, people often do not comply with security procedures because they find them too tiresome and hard to comprehend. Previous research has introduced the notion of ‘compliance budget’ to describe the decision employees make when weighting the costs and benefits of following a security procedure.

Often, there is a trade-off between productivity and security. In what follows, this project will aim to develop more usable computer interfaces to make security seamlessly fit into employees’ usual activities and make it significantly less interfering with business processes. Secondly, there are changes needed in terms of staff’s perception of security. Employees need training to better understand risks and start to think about security as something valuable rather than bothersome.

In terms of EPSRC’s mission and vision, this project will make a step towards a more usable security and at the same time, advance people’s understanding of computer security. Its aim is to diminish information leakage, loss and theft due to mistakes made by insiders. Part of this project will involve liaising with organisations from the public and private sector which will add value to the outcomes of the project and enable a quick implementation of proposed solutions.