{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,25]],"date-time":"2025-12-25T07:26:03Z","timestamp":1766647563820,"version":"3.37.3"},"reference-count":43,"publisher":"Informa UK Limited","issue":"1","funder":[{"DOI":"10.13039\/100000001","name":"NSF","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["DGE-1241576","1753681","1819521"],"award-info":[{"award-number":["DGE-1241576","1753681","1819521"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000005","name":"U.S. Department of Defense","doi-asserted-by":"publisher","award":["H98230-17-1-0387","H98230-18-1-0321","H98230-19-1-0308"],"award-info":[{"award-number":["H98230-17-1-0387","H98230-18-1-0321","H98230-19-1-0308"]}],"id":[{"id":"10.13039\/100000005","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["www.tandfonline.com"],"crossmark-restriction":true},"short-container-title":["Cryptologia"],"published-print":{"date-parts":[[2024,1,2]]},"DOI":"10.1080\/01611194.2022.2103754","type":"journal-article","created":{"date-parts":[[2022,10,12]],"date-time":"2022-10-12T11:43:02Z","timestamp":1665574982000},"page":"26-90","update-policy":"https:\/\/doi.org\/10.1080\/tandf_crossmark_01","source":"Crossref","is-referenced-by-count":7,"title":["Shadow IT in higher education: survey and case study for cybersecurity"],"prefix":"10.1080","volume":"48","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5281-7640","authenticated-orcid":false,"given":"Selma Gomez","family":"Orr","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3686-7242","authenticated-orcid":false,"given":"Cyrus Jian","family":"Bonyadi","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0814-9956","authenticated-orcid":false,"given":"Enis","family":"Golaszewski","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1130-4678","authenticated-orcid":false,"given":"Alan T.","family":"Sherman","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3285-496X","authenticated-orcid":false,"given":"Peter A. H.","family":"Peterson","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9037-537X","authenticated-orcid":false,"given":"Richard","family":"Forno","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6751-0828","authenticated-orcid":false,"given":"Sydney","family":"Johns","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7997-4067","authenticated-orcid":false,"given":"Jimmy","family":"Rodriguez","sequence":"additional","affiliation":[]}],"member":"301","published-online":{"date-parts":[[2022,10,12]]},"reference":[{"key":"e_1_3_3_2_1","doi-asserted-by":"publisher","DOI":"10.17705\/1CAIS.03455"},{"key":"e_1_3_3_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/1461928.1461960"},{"key":"e_1_3_3_5_1","unstructured":"Behrens S. and W. Sedera. 2004. Why do shadow systems exist after an ERP implementation? Lessons from a case study. In PACIS 2004 proceedings 136."},{"key":"e_1_3_3_6_1","volume-title":"Thirty-Fifth International Conference on Information Systems","author":"Chua C.","year":"2014","unstructured":"Chua, C., V. Storey, and L. Chen. 2014. Central IT or shadow IT? Factors shaping users\u2019 decision to go rogue with IT. In Thirty-Fifth International Conference on Information Systems."},{"key":"e_1_3_3_7_1","unstructured":"Feder J. 2013. The Family Educational Rights and Privacy Act (FERPA): A legal overview. In Library of Congress . Congressional Research Service."},{"key":"e_1_3_3_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4612-4380-9_6"},{"key":"e_1_3_3_9_1","first-page":"2014","volume-title":"Proceedings of the European Conference on Information Systems (ECIS)","author":"Fuerstenau D","year":"2014","unstructured":"Fuerstenau, D, and H. Rothe. 2014. Shadow IT systems: Discerning the good and the evil. In Proceedings of the European Conference on Information Systems (ECIS) 2014."},{"key":"e_1_3_3_10_1","volume-title":"Americas Conference on Information Systems (AMCIS)","author":"Fuerstenau D.","year":"2016","unstructured":"Fuerstenau, D., H. Rothe, M. Sandner, and D. Anapliotis. 2016. Shadow IT, risk, and shifting power relations in organizations. In Americas Conference on Information Systems (AMCIS)."},{"key":"e_1_3_3_11_1","first-page":"1159","volume-title":"24th European Conference on Information Systems, ECIS 2016","author":"Fuerstenau D.","year":"2016","unstructured":"Fuerstenau, D., M. Sandner, and D. Anapliotis. 2016. Why do shadow systems fail?: An expert study on Determinants of Discontinuation. In 24th European Conference on Information Systems, ECIS 2016. p. 1159. Association for Information Systems. AIS Electronic Library (AISeL)."},{"key":"e_1_3_3_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3386363"},{"key":"e_1_3_3_13_1","unstructured":"Gy\u00f6ry A. A. Cleven F. Uebernickel and W. Brenner. 2012. Exploring the shadows: IT governance approaches to user-driven innovation. In ECIS 2012 Proceedings European Conference on Information Systems (ECIS) . Association for Information Systems. AIS Electronic Library (AISeL)."},{"key":"e_1_3_3_14_1","doi-asserted-by":"publisher","DOI":"10.1007\/s12599-017-0497-x"},{"key":"e_1_3_3_15_1","volume-title":"9th Asia-Pacific Decision Sciences Institute Conference","author":"Houghton L.","year":"2004","unstructured":"Houghton, L., and D. Kerr. 2004. Understanding feral systems in organisations: A case study of a SAP implementation that led to the creation of ad-hoc and unplanned systems in a large corporation. In: 9th Asia-Pacific Decision Sciences Institute Conference."},{"key":"e_1_3_3_16_1","doi-asserted-by":"publisher","DOI":"10.1504\/IJIEM.2006.010239"},{"key":"e_1_3_3_17_1","doi-asserted-by":"publisher","DOI":"10.3390\/systems4010011"},{"key":"e_1_3_3_18_1","unstructured":"Johns S. 2020. Shadow IT and the Shadow IT Security Assessment Tool (SITSAT). CSEE Dept. University of Maryland Baltimore County unpublished manuscript."},{"key":"e_1_3_3_19_1","first-page":"96","volume-title":"ACIS 2004 Proceedings","author":"Jones D.","year":"2004","unstructured":"Jones, D., S. Behrens, K. Jamieson, and E. Tansley. 2004. The rise and fall of a shadow system: Lessons for enterprise system implementation. In ACIS 2004 Proceedings. p. 96."},{"key":"e_1_3_3_20_1","doi-asserted-by":"publisher","DOI":"10.3127\/ajis.v14i2.473"},{"key":"e_1_3_3_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/CBI.2019.00039"},{"key":"e_1_3_3_22_1","doi-asserted-by":"publisher","DOI":"10.12821\/ijispm070102"},{"key":"e_1_3_3_23_1","first-page":"1687","volume-title":"MKWI 2016 proceedings","author":"Kopper A","year":"2016","unstructured":"Kopper, A, and M. Westner. 2016a. Deriving a framework for causes, consequences, and governance of shadow IT from literature. In MKWI 2016 proceedings, 1687\u20131698."},{"key":"e_1_3_3_24_1","volume-title":"2016 Americas Conference on Information Systems (AMCIS)","author":"Kopper A","year":"2016","unstructured":"Kopper, A, and M. Westner. 2016b. Towards a taxonomy for shadow IT. In 2016 Americas Conference on Information Systems (AMCIS)."},{"key":"e_1_3_3_25_1","unstructured":"Kopper A. 2017. Perceptions of IT managers on shadow IT. In Twenty-third Americas Conference on Information Systems Boston 2017 . pp. 1\u201310."},{"key":"e_1_3_3_26_1","volume-title":"A grounded theory: Integration and internalization in ERP adoption and use","author":"Lee J.","year":"2001","unstructured":"Lee, J. 2001. A grounded theory: Integration and internalization in ERP adoption and use. Lincoln, NE: The University of Nebraska-Lincoln."},{"key":"e_1_3_3_27_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2016.09.281"},{"key":"e_1_3_3_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICTAS.2018.8368735"},{"key":"e_1_3_3_29_1","unstructured":"McCann E. 2014. Groups hit with record $4.8M HIPAA fine. https:\/\/www.healthcareitnews.com\/news\/group-slapped-record-hipaa-fine."},{"key":"e_1_3_3_30_1","unstructured":"Nasuni. 2021. Survey: Nearly half of employees that use file sharing services at work do so despite knowing employer bans their use. Accessed April 6 2021. https:\/\/www.nasuni.com\/news\/65-survey_nearly_half_of_employees_that_use_file\/."},{"key":"e_1_3_3_31_1","unstructured":"Panetta K. 2016. Gartner\u2019s top 10 security predictions. https:\/\/www.gartner.com\/smarterwithgartner\/top-10-security-predictions-2016\/."},{"key":"e_1_3_3_32_1","unstructured":"Raden N. 2005. Shedding light on shadow IT: Is Excel running your business? DSSResources. com 26."},{"key":"e_1_3_3_33_1","first-page":"1023","volume-title":"2012 Federated Conference on Computer Science and Information Systems (FedCSIS)","author":"Rentrop C.","year":"2012","unstructured":"Rentrop, C., and S. Zimmermann. 2012a. Shadow IT evaluation model. In 2012 Federated Conference on Computer Science and Information Systems (FedCSIS), 1023\u20131027. IEEE."},{"key":"e_1_3_3_34_1","first-page":"98","volume-title":"Proceedings of the 6th International Conference on Digital Society","author":"Rentrop C.","year":"2012","unstructured":"Rentrop, C., and S. Zimmermann. 2012b. Shadow IT: Management and control of unofficial IT. In Proceedings of the 6th International Conference on Digital Society, 98\u2013102."},{"key":"e_1_3_3_36_1","doi-asserted-by":"publisher","DOI":"10.1080\/01611194.2018.1557298"},{"key":"e_1_3_3_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2019.2900595"},{"key":"e_1_3_3_38_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2014.06.007"},{"key":"e_1_3_3_39_1","doi-asserted-by":"publisher","DOI":"10.7250\/csimq.2016-8.06"},{"key":"e_1_3_3_40_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.im.2017.02.007"},{"key":"e_1_3_3_41_1","volume-title":"The practice of statistics","author":"Starnes D. S.","year":"2010","unstructured":"Starnes, D. S., D. Yates, and D. S. Moore. 2010. The practice of statistics. New York, NY: W. H. Freeman and Company."},{"key":"e_1_3_3_44_1","first-page":"1","volume-title":"Proceedings of the 23rd Australasian Conference on Information Systems 2012","author":"Thatte S.","year":"2012","unstructured":"Thatte, S., N. Grainger, and J. McKay. 2012. Feral practices. In Proceedings of the 23rd Australasian Conference on Information Systems 2012, 1\u201310. ACIS."},{"key":"e_1_3_3_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2017.41"},{"key":"e_1_3_3_46_1","first-page":"458","volume-title":"The European Conference on Information Systems Management","author":"Urus S. T.","year":"2011","unstructured":"Urus, S. T., A. Molla, and S. Y. Teoh. 2011. Post-ERP feral system taxonomy: A manifestation from multiple case studies. In The European Conference on Information Systems Management, 458. Academic Conferences International Limited."},{"key":"e_1_3_3_47_1","doi-asserted-by":"publisher","DOI":"10.1016\/S1353-4858(13)70049-7"},{"key":"e_1_3_3_48_1","doi-asserted-by":"publisher","DOI":"10.2308\/isys-51579"}],"container-title":["Cryptologia"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.tandfonline.com\/doi\/pdf\/10.1080\/01611194.2022.2103754","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,12,15]],"date-time":"2023-12-15T08:52:44Z","timestamp":1702630364000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.tandfonline.com\/doi\/full\/10.1080\/01611194.2022.2103754"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,12]]},"references-count":43,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2024,1,2]]}},"alternative-id":["10.1080\/01611194.2022.2103754"],"URL":"https:\/\/doi.org\/10.1080\/01611194.2022.2103754","relation":{},"ISSN":["0161-1194","1558-1586"],"issn-type":[{"type":"print","value":"0161-1194"},{"type":"electronic","value":"1558-1586"}],"subject":[],"published":{"date-parts":[[2022,10,12]]},"assertion":[{"value":"The publishing and review policy for this title is described in its Aims & Scope.","order":1,"name":"peerreview_statement","label":"Peer Review Statement"},{"value":"http:\/\/www.tandfonline.com\/action\/journalInformation?show=aimsScope&journalCode=ucry20","URL":"http:\/\/www.tandfonline.com\/action\/journalInformation?show=aimsScope&journalCode=ucry20","order":2,"name":"aims_and_scope_url","label":"Aim & Scope"},{"value":"2022-10-12","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}