Compliance with corporate ICT security practices in work from home environment : Attitude changes in the move from office to home

Sammanfattning: The Covid-19 pandemic and the ensuing lockdowns that multiple countries put in place have forced companies to nearly instantly switch to an entirely remote work environment, irrelevant if they were prepared to or not. Such abrupt change in the work environment and the digital nature of modern work is bound to raise issues with employees, specifically in terms of security and compliance. Through the prism of Habit theory this thesis investigates exactly what the impact on employees has been and how in turn employee attitude has impacted company security compliance. Including multiple companies and countries allows to establish what have been the universal issues employees encountered. Limiting the scope to companies in the IT sector presumes the organizations covered by the research would have been more likely and prepared to move to remote work, although the results of the research indicate not all companies were ready for this. The unprecedented nature and abruptness of the lockdowns caused a mix of compliance issues for organizations, only some of which were addressed in the course of lockdown period and was mostly dependent on companies’ readiness to move to a remote-work model. Furthermore, the findings suggest that compliance is highly dependent on self-efficacy and the ways companies can address this is by targeting specific employee habits.