Nudge, nudge, block no more...

No Comments

Why do people try to circumvent security controls -- for example to access an unapproved SaaS application or cloud service?

New research from Nudge Security suggests it may simply be down to poor user experience of the security process. "We now have evidence to suggest that improving the employee experience of security can actually lead to better security outcomes," says Russell Spitler, CEO and co-founder of Nudge Security.

The research put 900 participants through a common scenario: needing to access a SaaS application for work. Participants were randomly assigned to one of three 'security interventions' that either blocked access to the application, revoked access punitively, or nudged participants to justify access.

Participants were then asked to rate how reasonable they found the intervention, how positively or negatively they felt about it, and how likely they were to comply with it. Overall, the study finds participants' attitudes and emotions strongly correlate with their likelihood of compliance. 67 percent of participants say they would not comply with the blocking intervention but would instead look for a workaround.

Participants see nudging as the most positive and reasonable form of intervention. They are three times more likely to feel negatively about blocking and punitive interventions. 78 percent of participants say they would comply with a nudge, twice the compliance rate of blocking.

Dr. Aaron Kay, PhD, J Rex Fuqua Professor of Management and professor of psychology and neuroscience at Duke University and Nudge Security advisor, consulted on the development of the research and says, "This research underscores basic tenets of human psychology and demonstrates that, even in cybersecurity, attitudes and emotions are strong predictors of behavior. Security leaders are setting themselves up for failure when they implement security controls with the assumption that employees will comply mechanically, regardless of their own self interests."

The full report is available from the Nudge site and there will be a webinar to discuss the findings on November 3rd at 3pm ET.

Image credit: lisafx/depositphotos.com

No Comments

Comments are closed.

Got News? Contact Us

Recent Headlines

Beyond the snapshot: Why continuous risk assessment is essential in today's threat landscape

TUXEDO Stellaris 17 (Gen6): A high-performance portable Linux workstation

New solution helps companies prepare for 90-day TLS standard

Get 'Enterprise Transformation to AI and the Metaverse' (worth $59.99) for FREE

Best Windows apps this week

All you wanted to know about passkeys but were afraid to ask

Microsoft tells users 'if you want to fix 0x80070643 errors, you'll have to do it yourself'

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.1

78 Comments

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

24 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

21 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

18 Comments

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

17 Comments

EndeavourOS ARM discontinued: A huge loss for the Linux community

9 Comments

Microsoft is actively blocking Windows 11 tweaking tools

8 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.