Editorial Pointers

System security, as covered in these pages many times, is the ultimate team effort. It takes more than specialized equipment and protective strategies to maintain a system’s operations. It takes users to adopt these measures and apply them whenever necessary. On Team Security, the user is the weakest player.

Ryan West, a design researcher at Dell, Inc., has spent years examining the principles of human behavior that govern how users think about security in daily situations. His research sheds light on why users so often undermine security "by accident." Designers of security systems must understand how users make decisions regarding security. Indeed, the most elegant design interface is useless if users fail to heed the warnings or follow the rules. West provides key concepts and spells out ways to improve users’ security behavior.

Also in this issue, Bodin, Gordon, and Loeb offer valuable insight for anyone responsible for managing risk in information security. As they note, defining risk is hardly an easy task. To help in this regard, they introduce a new metric to evaluate investment proposals for enhanced information security.

Data may provide a treasure trove of information, but often finding the true gems within depends on our trust in its veracity. Moreau et al. argue data must be accompanied by a provenance that reflects, among many things, where the data originated and where it’s been. In addition, Whitten et al. examine the role of IT in health care, not only as it affects the way health care professionals work, but also the way patients receive and perceive their care.

Despite the popularity of the Learning Management System (LMS) as a faculty support tool, it continues to struggle for acceptance. Yueh and Hsu share their experience at National Taiwan University, illustrating how a university can increase faculty usage through better LMS design. And Liao and Chung ask what service-quality attributes must Internet banks offer to induce consumers to switch to online transactions and keep using them? They insist the potential exists for Internet banking to be much more important than it already is, but will require that financial institutions improve their service quality.

We have witnessed a wave of studies of online auction fraud over the past year, most disputing the reigning myth that less than 0.01% of complaints to eBay allege auction fraud. Gregg and Scott suggest the problem of online auction fraud may be far worse than numbers indicate. And Oshri, Kotlarsky, and Willcocks contend F2F meetings may be invaluable for project teams dispersed globally, but managers must prioritize activities before and after these meetings to help team members stay connected.

Finally, on page 27, ACM is pleased to announce the 2007 Distinguished and Senior Members.

Diane Crawford
Editor

Back to Top