An Examination of Work Practices and Tool Use in High Risk Environments

Velasquez, Nicole Forsgren

January 2008

This research presents an in-depth investigation and description of a single user group, system administrators. Following an overview of these computing professionals and their complex, risky work environment, system administrator work practices were investigated using data collected from previous experience, interviews, a usability study, and the literature. This research contributes to existing knowledge by presenting an analysis of system administrator work practices and identifying them as broker technicians. As such, many of the findings of this study may apply to other broker technicians. Because the work of system administration is so dependent upon technology and the way sysadmins access and control that technology, investigations of tool use were then studied. Through an analysis of work practices related to tool use, attributes important to system administrator work practices were identified. These attributes fell into two categories: information quality (currency, completeness, accuracy, format, logging, and verification) and system quality (reliability, flexibility, integration, accessibility, speed, scriptability, credibility, situation awareness, and monitoring).This research proposes the use of Wixom and Todd's (2005) integrated user satisfaction model in the context of system administration. This theoretical model provides an opportunity to link the identified characteristics with system administrator beliefs and tool usage. This research contributes to existing knowledge by identifying information and system quality attributes important to system administrators, and empirically testing the modified user satisfaction model in the untested context of system administration. The user satisfaction model was found to be significant and predictive of system administrator tool use behaviors, with two information quality attributes (accuracy and verification) and two system quality attributes (reliability and credibility) significant.

work practice

system administrator

user satisfaction

Exploring Data Security Management Strategies for Preventing Data Breaches

Ofori-Duodu, Michael Samuel

01 January 2019

Insider threat continues to pose a risk to organizations, and in some cases, the country at large. Data breach events continue to show the insider threat risk has not subsided. This qualitative case study sought to explore the data security management strategies used by database and system administrators to prevent data breaches by malicious insiders. The study population consisted of database administrators and system administrators from a government contracting agency in the northeastern region of the United States. The general systems theory, developed by Von Bertalanffy, was used as the conceptual framework for the research study. The data collection process involved interviewing database and system administrators (n = 8), organizational documents and processes (n = 6), and direct observation of a training meeting (n = 3). By using methodological triangulation and by member checking with interviews and direct observation, efforts were taken to enhance the validity of the findings of this study. Through thematic analysis, 4 major themes emerged from the study: enforcement of organizational security policy through training, use of multifaceted identity and access management techniques, use of security frameworks, and use of strong technical control operations mechanisms. The findings of this study may benefit database and system administrators by enhancing their data security management strategies to prevent data breaches by malicious insiders. Enhanced data security management strategies may contribute to social change by protecting organizational and customer data from malicious insiders that could potentially lead to espionage, identity theft, trade secrets exposure, and cyber extortion.

database administrator

Data breach

data security management

insider threat

malicious insider

system administrator

Databases and Information Systems