Measuring user satisfaction with information security practices

Information security is a major concern of organizational management. Security solutions based on technical aspects alone are insufficient to protect corporate data. Successful information security depends on appropriate user behavior while using information systems. User satisfaction is widely used to measure the success of information systems. The objective of this research is to develop a model to measure user satisfaction with information security practices. An instrument was developed based on this model. A survey was conducted, and 173 valid responses were obtained. Structural equation modeling was used for the data analysis. The results indicated that users understand the benefits of information security practices, but the use of information systems with security controls is considered a complex matter, which reduces information systems productivity. The measurement of the user satisfaction with information security practices is a starting point to diagnose the behavior of users in relation to information security, providing metrics to management evaluate the investment in information security training and awareness program.