Pooya Jaferian ; David Botta ; Fahimeh Raja ; Kirstie Hawkey ; Konstantin Beznosov

09 September 2008

Abstract: An important factor that impacts the effectiveness of security systems within an organization is the usability of security management tools. In this paper, we present a survey of design guidelines for such tools. We gathered guidelines and recommendations related to IT security management tools from the literature as well as from our own prior studies of IT security management. We categorized and combined these into a set of high level guidelines and identified the relationships between the guidelines and challenges in IT security management. We also illustrated the need for the guidelines, where possible, with quotes from additional interviews with five security practitioners. Our framework of guidelines can be used by those developing IT security tools, as well as by practitioners and managers evaluating tools.

Keyword(s): Human Factors;Security Management;Design;Usable Security; HOT Admin ; issnet

Published in: Pooya Jaferian, David Botta, Fahimeh Raja, Kirstie Hawkey, Konstantin Beznosov, "Guidelines for Designing IT Security Management Tools," In CHIMIT '08: Proceedings of the 2008 symposium on Computer Human Interaction for the Management of Information Technology, San Diego, CA, USA, 7:1-7:10, ACM.: