| Abstract: | Recent research in information systems and operations management has considered the positive impacts of information technology (IT). However, an undesirable side effect of firms’ increasing reliance on IT to support the distribution and delivery of goods and services to customers is a greater exposure to a diverse set of IT security risks. One such risk is intentional employee misuse of technology resources. In this article, we draw upon modern deterrence frameworks to develop a predictive model of technology misuse intention that incorporates formal and informal sanctions as well as employment context factors. The model specifies previously untested relationships between formal and informal sanctions, thereby providing fresh insight into the role of sanctions in deterring technology misuse in organizations. Our results suggest that a predisposition toward the need for social approval and moral beliefs regarding the behavior are key determinants of technology misuse. Contrary to criminological research that has questioned the relative importance of formal sanctions in the deterrence process, we also found that the threat of formal sanctions has both direct and indirect influences on technology misuse intention. Further, from an employment context standpoint, employees who spend more working days away from the office (i.e., “virtual” mode) appear more inclined to misuse their organization's technology resources. The findings have implications for the research and practice of technology management. |
