User Experience: A Heuristic Approach to Evaluating IT Security Technologies
DOI:
https://doi.org/10.48017/dj.v11iSpecial_1.3775Keywords:
usability heuristics, information security tools, Jakob Nielsen’s HeuristicsAbstract
As organizations increasingly rely on IT security solutions to protect critical data and infrastructure, it is essential to emphasize the usability and efficacy of these tools. This study examines the idea of user-centric security by assessing the user experience (UX) of IT security technology using usability criteria. The research seeks to evaluate the user-friendliness of security systems from the viewpoint of end-users, utilizing ideas from usability engineering and human-computer interaction (HCI). The study aims to uncover usability difficulties and potential for improvement in existing IT security solutions by utilizing well-established usability heuristics, such as visibility of system state, match between system and the real world, and error prevention. The study assessed the usability of information security systems and solutions among 201 employees by using Jakob Nielsen's heuristic usability approach. The average usability score was determined to be 3.80 on a scale ranging from 1 to 5, suggesting that the personnel participants usually had a positive opinion of usability. Although the findings are promising, additional research is necessary to thoroughly investigate specific usability concerns and examine potential variations in usability views among other user demographics.
Metrics
References
AbuJarour, S., Wiesche, M., Andrade, A. D., Fedorowicz, J., Krasnova, H., Olbrich, S., Tan, C. W., Urquhart, C. & Venkatesh, V. (2019). ICT-enabled refugee integration: A research agenda. Communications of the Association for Information Systems, 44(1), 874–891. https://doi.org/10.17705/1CAIS.04440
Ani, U. D., He, H. & Tiwari, A. (2019). Human factor security: Evaluating the cybersecurity capacity of the industrial workforce. Journal of Systems and Information Technology, 21(1), 2–35.
Bendovschi, A. (2015). Cyber-attacks – Trends, patterns and security countermeasures. Procedia Economics and Finance, 28, 24–31.
Bush, M. & Mashatan, A. (2022). From zero to one hundred: Demystifying zero trust and its implications on enterprise people, process, and technology. Queue, 20(4), 80–106.
Campean, S. (2019). The human factor at the center of a cyber security culture. International Journal of Information Security and Cybercrime (IJISC), 81(1), 51–58.
Dwiyanti, R. (2018). The role of organizational culture factors to psychological contracts (transnational contracts, balance contracts, and relational contracts). Journal of Advanced Research in Law and Economics, 9(8), 2570–2577.
Farahbod, K., Shayo, C. & Varzandeh, J. (2020). Cybersecurity indices and cybercrime annual loss and economic impacts. Journal of Business and Behavioral Sciences, 32(1), 63–71.
Jeong, J., Mihelcic, J., Oliver, G. & Rudolph, C. (2019). Towards an improved understanding of human factors in cybersecurity. IEEE 5th International Conference on Collaboration and Internet Computing, 12–14, pp. 338–345.
Kamariza, Y. (2017). Implementation of information security policies in public organizations: Top management as a success factor.
Khando, K., Gao, S., Islam, S. M. & Salman, A. (2021). Enhancing employees information security awareness in private and public organisations: A systematic literature review. Computers & Security, 106, 102267.
Klein, R. H. & Luciano, E. M. (2016). What influences information security behavior? A study with Brazilian users. Journal of Information Systems and Technology Management, 13, 479–496.
Klimburg-Witjes, N. & Wentland, A. (2021). Hacking humans? Social Engineering and the construction of the “deficient user” in cybersecurity discourses. Science, Technology, & Human Values, 46(6), 1316-1339.
Kruger, H. A. & Kearney, W. D. (2006). A prototype for assessing information security awareness. Computer Security.
Parenty, T. J. & Domet, J. J. (2019). A Leader’s Guide to Cybersecurity: Why Boards Need to Lead—And How to do. Harvard Business Review Press.
Richardson, M. D., Lemoine, P. A., Stephens, W. E. & Waller, R. E. (2020). Planning for cyber security in schools: The human factor. Educational Planning, 27(2), 23–39.
Triplett, W. J. (2022). Addressing human factors in cybersecurity leadership. Journal of Cybersecurity and Privacy, 2(3), 573–586.
Yan, Z., Robertson, T., Yan, R., Park, S. Y., Bordoff, S., Chen, Q. & Sprissler, E. (2018). Finding the weakest links in the weakest link: How well do undergraduate students make cybersecurity judgment? Computers in Human Behavior, 84, 375–382.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2026 Noli Lucila Jr
This work is licensed under a Creative Commons Attribution 4.0 International License.
The Diversitas Journal expresses that the articles are the sole responsibility of the Authors, who are familiar with Brazilian and international legislation.
Articles are peer-reviewed and care should be taken to warn of the possible incidence of plagiarism. However, plagiarism is an indisputable action by the authors.
The violation of copyright is a crime, provided for in article 184 of the Brazilian Penal Code: “Art. 184 Violating copyright and related rights: Penalty - detention, from 3 (three) months to 1 (one) year, or fine. § 1 If the violation consists of total or partial reproduction, for the purpose of direct or indirect profit, by any means or process, of intellectual work, interpretation, performance or phonogram, without the express authorization of the author, the performer, the producer , as the case may be, or whoever represents them: Penalty - imprisonment, from 2 (two) to 4 (four) years, and a fine. ”
