The human factor often plays a significant role in cyberattacks targeted against organisations. Therefore, controlling user behaviour is critical to companies’ cybersecurity strengthening efforts. A method used by companies for this is information security policies (ISP). User compliance is required for policies to be able to regulate user behaviour, but research suggests that compliance is often low. This study aims to improve authentication rules in ISP development by executing a systematic literature review. It does this by providing recommendations on how to better capture the user perspective based on the reviewed literature and the collected policies from the public sector. First a database search was conducted then backwards snowballing, which left us with 61 accepted articles that then underwent coding and ultimately a thematic analysis. This process identified eight key themes: authentication stress, password strength, password changing, password sharing, password reuse, password storage, user guidance and policy design. With these themes in hand, each area could be analysed and compared to corresponding area from the collected policies. This revealed discrepancies between the research and the organizational policies, enabling recommendations on how to improve policies from a user-based perspective to be put forward. The study is limited to authentication rules found in information security policies and excludes rules that might be found in different documents. Additionally, the systematic literature review is limited to digital databases.
Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:hj-65124 |
Date | January 2024 |
Creators | Malmström, Villy Malmström, Ringdahl, Tobias, Uhlmann, David |
Publisher | Jönköping University, Tekniska Högskolan |
Source Sets | DiVA Archive at Upsalla University |
Language | Swedish |
Detected Language | English |
Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
Format | application/pdf |
Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0025 seconds