Factors Affecting Information Security in Teleworking. Case Study: Kenya National Police Dt Sacco

Abstract

Businesses are increasingly adopting teleworking to embrace the changes in the operation macro environment, the COVID 19 pandemic is driving most businesses to adopt teleworking to curb its spread, and teleworking is gradually becoming the new norm, however, attackers globally are taking advantage to launch large-scale attacks such as phishing and computer-based exploits. This study looks at ways of ensuring that teleworking is adopted in a secure way to avoid any form of breach of data security. The research objectives were to identify the ICT security risks related to teleworking, identify the human behavior likely to lead to an information security breach, and propose the controls necessary to combat information security risk. The study adopted the general deterrence theory and the theory of perceived behavior. The study used mixed research methods guided by a cross-sectional survey design. A cross-sectional design was used in formulating the hypothesis and testing the relationship between the variables. The study targeted the employees of the Kenya National Police DT SACCO where a sample size of 42 was adopted. The study established that Kenya National Police DT SACCO has adopted teleworking and has taken the necessary security measures to enable teleworking. The study recommends that the organization should look at the 17.9% of people who have not undertaken any information security training and train them on the same. Information security is also a highly dynamic field where changes and challenges evolve every day and hence there is a need for continuous training and review of the information security policy. There is a need to look at the type of access to systems given to people who telework and should be limited to only the resources that they need to run their day-to-day activities and access should not be left open but only granted on need be as and when required. There is a need to monitor any anomaly behavior. Teleworking may also act as a staff backup plan to achieve business continuity in case of calamity that affects an organization, the staff teleworking will be spared. There is a need to develop technologies to identify employees working from home using security software to identify the employees biometrically.