Schuessler, J., Hite, D. (2014). Pre-Employment Screening for Security Risk: An Exploratory Study. Journal of Applied Business and Economics (16% Acceptance Rate); (C ABDC Ranking), 16(1), 84-95. www.na-businesspress.com/jabeopen.html
As a researcher, I have always been interested in this idea of security posture. Additionally, with the idea that insider threats represent a unique threat to organizations, it occurred to me that a study examining the security posture of potential hires might be of value to organizations. So, I decided to survey students based on common employment tests such as personality and ethics tests to examine how they might relate to the strength of passwords of those individuals. The idea was that if such tests could yield some useful insight into the personal computer security posture, that organizations could gain additional insightful information regarding potential hires without requiring any additional effort. Additionally, such information could be potentially used by organizations by identifying individuals who might require additional security training if they are offered a job.
My co-author and I surveyed 122 undergraduate and graduate students, mostly business majors. Respondents answered the big five personality test as well as a work ethic instrument by Miller, Woehr, and Hudspeth (2001). As the dependent variable, we had students enter a password from one of their banking institutions into a Microsoft password checker that determines the strength of your password based on a four point scale.
Three of the dimensions of personality were found to be related to the strength of password: agreeableness, extroversion, and neuroticism. Only one dimension of the work ethic construct was found to be related to the strength of password: delay of gratification. But, the important thing to take away from this research is that since organizations already use these kinds of tests when making employment decisions, these results can be used by them to gain additional insight regarding the security training that potential hires might need.
At the time of this writing, I am completing a follow up study that includes a larger sample and a more complete dependent variable based on the security posture of an individual as well as including additional tests such as an integrity test as well as cognitive ability, other tests that organizations use when making employment decisions. So, if you are in the hunt for a job and taking an employment test, recognize that the organization may be able to glean additional information from that employment test than just your personality!