Information systems security practices in social software applications A systematic literature review

摘要

Purpose - The purpose of this paper to investigate the current information systems security (ISS) practices of the social software application (SSA) users via the internet. Design/methodology/approach - The paper opted for a systematic literature review survey on ISS and its practices in SSAs between 2010 and 2015. The study includes a set of 39 papers from among 1,990 retrieved papers published in 35 high-impact journals. The selected papers were filtered using the Publish or Perish software by Harzing and Journal Citation Report (JCR) with an inclusion criterion of least one citation per article. Findings - The practice of ISS is driven by the need to protect the confidentiality, integrity, and availability of the data from being tampered. It is coherent with the current practice as reported by many researchers in this study. Four important factors lead to the ISS practice in SSA: protection tools offered, ownership, user behaviour, and security policy. Practical implications - The paper highlights the implication of successful ISS practices is having clear security purpose and security supported environment (user behaviour and security protection tools) and governance (security policy and ownership) protection tools offered, ownership, user behaviour, and security policy towards ISS practice by the users. Originality/value - This paper fulfils an identified need to study how to enable ISS practice.