aalto1 untyped-item.component.html
Security by envelopment: a novel approach to data-security-oriented configuration of lightweight-automation systems
Loading...
Access rights
openAccess
publishedVersion
URL
Journal Title
Journal ISSN
Volume Title
A1 Alkuperäisartikkeli tieteellisessä aikakauslehdessä
This publication is imported from Aalto University research portal.
View publication in the Research portal (opens in new window)
View/Open full text file from the Research portal (opens in new window)
View publication in the Research portal (opens in new window)
View/Open full text file from the Research portal (opens in new window)
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.
Date
Major/Subject
Mcode
Degree programme
Language
en
Pages
23
Series
European Journal of Information Systems, Volume 33, issue 5, pp. 631-653
Abstract
Organisations’ increasing adoption of lightweight automation, such as robotic process automation (RPA), raises concerns about the associated systems’ robustness and security, with data-security concerns becoming further accentuated when tools of this sort are deployed for handling of potentially sensitive data. However, literature on designing these tools in a manner mitigating risks related to organisational data security has remained scarce. This paper addresses this gap by presenting a study in which RPA was successfully designed for a process wherein the software robot handles sensitive personal data. Informed by work on the mindlessness of automation, sociotechnical envelopment, and security by design, this empirical study, employing action design research at Wärtsilä Corporation, pointed to three design principles, related to envelopment, access rights, and audit trails. By adhering to these, Wärtsilä created envelopes around the robot that afford the automation’s safe operation and processing of the sensitive data. This research advances the theory of sociotechnical envelopment’s design and deployment by introducing a novel approach in security by envelopment to elaborate on the security-oriented envelopment of mindless automation agents. The paper also discusses the practical utility of the artefact designed, in terms of both design and evaluation.
Description
Publisher Copyright: © 2023 The Author(s). Published by Informa UK Limited, trading as Taylor & Francis Group.
Other note
Citation
Asatiani, A, Hakkarainen, T, Paaso, K & Penttinen, E 2024, 'Security by envelopment: a novel approach to data-security-oriented configuration of lightweight-automation systems', European Journal of Information Systems, vol. 33, no. 5, pp. 631-653. https://doi.org/10.1080/0960085X.2023.2217362