Is Usability An Obstacle For Information Systems Security?

Keeping information systems secure is costly. Organizations allocate financial and human resources in order to prevent security incidents having an impact on software applications, There is evidence that information systems security has in some cases been affected by human errors that might be caused by a poor usability design. There is clearly a link between security and usability. To clarify this we have conducted a systematic mapping study of the literature produced over the last decade. We identified five relationship type: inverse, direct, relative, one-way inverse, and no-relationship. Most authors agree that there is an inverse relationship between security and usability, which means that increasing usability leads to a decrease in security issues in a product and vice versa. However, this is not a unanimous finding, and this study unveils a number of open questions, like application domain dependency and the need to explore lower relationships between attribute sub-characteristics.