COVID-19 has prompted a rise in telecommuting practices in most companies worldwide. Meanwhile, companies are struggling to cope with the new and evolving security threats in telecommuting using old control methods. Specifically, there is an increased danger of hacking attacks in telecommuting environments. Furthermore, corporate concerns regarding telecommuting security have led to a questioning of existing control methods that no longer seem adequate. Significant research has been conducted on the factors that improve the effectiveness of corporate security policies, such as formal control, informal control, and extrarole behaviors. However, these studies did not consider telecommuting environments, which surged after the COVID-19 outbreak. Telecommuting loosens the physical control over employees and eliminates the collegial environment in which employees encourage each other to protect system information. This study determined how the factors that influence the effectiveness of existing information security policies behave in a telecommuting environment. Our study shows that specification and mandatoriness are the most important factors for an effective telecommuting security policy. We conclude that this sudden change in the working environment has rendered existing security controls obsolete, and specification and mandatoriness are likely to receive increasingly more attention in the growing field of telecommuting security policy.
ASJC Scopus subject areas
- Information Systems
- Computer Networks and Communications