Learn More
We report preliminary results of our ongoing field study of IT professionals who are involved in security management. We interviewed a dozen practitioners from five organizations to understand their workplace and tools. We analyzed the interviews using a variation of Grounded Theory and predesigned themes. Our results suggest that the job of IT security(More)
An important factor that impacts the effectiveness of security systems within an organization is the usability of security management tools. In this paper, we present a survey of design guidelines for such tools. We gathered guidelines and recommendations related to IT security management tools from the literature as well as from our own prior studies of IT(More)
Information technology security management (ITSM) entails significant challenges, including the distribution of tasks and stakeholders across the organization, the need for security practitioners to cooperate with others, and technological complexity. We investigate the organizational processes in ITSM using qualitative analysis of interviews with ITSM(More)
This paper describes the HOT Admin research project, which is investigating the human, organizational, and technological factors of IT security from the perspective of security practitioners. We use qualitative methods to examine their experiences along several themes including: unique characteristics of this population, the challenges they face within the(More)
Persistence and cost are the two factors that have motivated several studies about better practices for dealing with security incidents [5]. However, there is not much literature about IT professionals who have to deal with security incidents, in terms of which tasks they actually perform and which resources they need to handle the complex scenarios given(More)
This case study describes the adoption of an enterprise identity management(IdM) system in an insurance organization. We describe the state of the organization before deploying the IdM system, and point out the challenges in its IdM practices. We describe the organization's requirements for an IdM system, why a particular solution was chosen, issues in the(More)
One of the most important factors that impact usability of security systems within an organization are security tools. In this paper, we report preliminary results of our survey about design guidelines for IT security management tools. We gathered guidelines and recommendations related to IT security management tool from available literature as well as(More)
Identity management (IdM) comprises the processes and infrastructure for the creation, maintenance, and use of digital identities [1]. This includes designating who has access to resources, who grants that access, and how accountability and compliance is maintained [3, 8, 4]. IdM has become an important aspect of IT security infrastructure in organizations,(More)