Editorial Pointers

SYSTEM SECURITY, AS COVERED IN THESE PAGES many times, is the ultimate team effort. It takes more APRIL 2008 VOLUME 51, NUMBER 4 THE PSYCHOLOGY OF SECURITY than specialized equipment and protective strategies to Whydogoodusersmake BUILDINGCRITICALTIES ^{baddecisions?} _{FORGLOBALTEAMWORK} maintain a system’s operations. It takes users to adopt THE BUSINESS OF OPEN SOURCE _{DESIGNINGALEARNING} these measures and apply them whenever necessary. MANAGEMENT SYSTEM FAITH-BASED SECURITY _{THEPROVENANCE} On Team Security, the user is the weakest player. OF ELECTRONIC DATA DISK IS THE NEWRAM Ryan West, a design researcher at Dell, Inc., has spent years examining the principles of human behavior that govern how users think about security in daily situations. His research sheds light on why users so often undermine security “by accident.” Designers of security systems must understand how users make decisions regarding security. Indeed, the most elegant design interface is useless if users fail to heed the warnings or follow the rules. West provides key concepts and spells out ways to improve users’ security behavior.

ALSO IN THIS ISSUE, BODIN, GORDON, AND LOEB OFFER VALUABLE insight for anyone responsible for managing risk in information security. As they note, defining risk is hardly an easy task. To help in this regard, they introduce a new metric to evaluate investment proposals for enhanced information security.

Data may provide a treasure trove of information, but often finding the true gems within depends on our trust in its veracity. Moreau et al. argue data must be accompanied by a provenance that reflects, among many things, where the data originated and where it’s been. In addition, Whitten et al. examine the role of IT in health care, not only as it affects the way health care professionals work, but also the way patients receive and perceive their care.

Despite the popularity of the Learning Management System (LMS) as a faculty support tool, it continues to struggle for acceptance. Yueh and Hsu share their experience at National Taiwan University, illustrating how a university can increase faculty usage through better LMS design. And Liao and Chung ask what service-quality attributes must Internet banks offer to induce consumers to switch to online transactions and keep using them? They insist the potential exists for Internet banking to be much more important than it already is, but will require that financial institutions improve their service quality.

We have witnessed a wave of studies of online auction fraud over the past year, most disputing the reigning myth that less than 0.01% of complaints to eBay allege auction fraud. Gregg and Scott suggest the problem of online auction fraud may be far worse than numbers indicate. And Oshri, Kotlarsky, and Willcocks contend F2F meetings may be invaluable for project teams dispersed globally, but managers must prioritize activities before and after these meetings to help team members stay connected.

Finally, on page 27, ACM is pleased to announce the 2007 Distinguished and Senior Members.

EDITOR

DOI: 10.1145/1330311.1330311

A monthly publication of
the ACM Publications Office

ACM
2 Penn Plaza, Suite 701
New York, NY 10121-0701 USA
(212) 869-7440 FAX: (212) 869-0481

Group Publisher: Scott Delman

Editor: Diane Crawford
Managing Editor: Thomas E. Lambert
Senior Editor: Andrew Rosenbloom
Editorial Assistant: Zarina Strakhan
Copyright: Deborah Cotton

Contributing Editors Phillip G. Armour; Hal Berghel; Michael A. Cusumano; Peter J. Denning; Robert L. Glass; Seymour Goodman; Rebecca Mercuri; Peter G. Neumann; Pamela Samuelson; Meg McGinity Shannon

Art Director: Caren Rosenblatt Production Manager: Lynn D’Addesio

Advertising

ACM Advertising Department

2 Penn Plaza, Suite 701, New York, NY 10121-0701 (212) 869-7440; Fax: (212) 869-0481

Director of Media Sales:

Jonathan M. Just: jonathan.just@acm.org

For the latest media kit—including rates—contact: Graciela Jacome: jacome@acm.org

Contact Points

CACM editorial: crawford_d@acm.org Copyright permission: permissions@acm.org Calendar items: calendar@acm.org Change of address: acmcoa@acm.org

Communications of the ACM (ISSN 0001-0782) is published monthly by the ACM, 2 Penn Plaza, Suite 701, New York, NY 10121-0701. Periodicals postage paid at New York, NY 10001, and other mailing offices. POSTMASTER: Please send address changes to Communications of the ACM, 2 Penn Plaza, Suite 701, New York, NY 10121-0701 USA

Printed in the U.S.A.