Investigating Human Factors Compromising the Security of Information Systems in the Public Sector in Tanzania

Abstract

This study investigated human factors compromising information system security in Tanzania's Public Sector, focusing on Tanzania National Parks HQ. The specific objectives included analysing human errors, personality traits, and motivational factors leading to security breaches of information systems. The research employed a mixed-method approach with 154 targeted respondents, utilising structured questionnaires and interviews. Data was analysed using SPSS 26 for quantitative aspects, the descriptive statistics on frequencies and percentiles, presenting descriptive results, while qualitative data underwent manual interpretive techniques and content analysis. The results show that human errors such as forgetting printouts, failing to log off computers, and losing sensitive information are significant occurrences. Personal traits like sharing login credentials and falling victim to social engineering pose a considerable security risk. Motivational and reward issues that pose security breaches include financial gain, personal grievances, Personal satisfaction, Recognition, and personal conflicts. It is recommended that public institutions implement comprehensive training and awareness programs, enforce security policies and practices, promote responsible social media use, enforce secure document disposal procedures, foster a security-conscious culture, and implement multi-factor authentication (MFA) and access controls.