Persuasive Information Security: Techniques to Help Employees Protect Organizational Information Security.

Digital information is an important corporate asset. Organizations typically devise policies and guidelines to help employees protect the security of such information. Complying with these rules can often be confusing and difficult and may obstruct the task at hand, leading employees to circumvent or ignore policies. Commercial technology and training programs to mitigate this issue suffer from various shortcomings. To address these shortcomings, we designed six persuasive features: Security Points, Security Quiz, Challenges, Statistics, Personalization, and Risk Communication. A design probe that implemented the features sheds light on how persuasive security features could influence intentions to follow secure work practices. We apply the findings to offer suggestions for further enhancing the six persuasive features.