This study aims to explore the status quo of information security from the perspective of information technology (IT) staff in Jordanian university libraries and to discuss the most prominent difficulties they face. Moreover, it aims to identify the effect of the variables (years of experience, type of university, job level, and specialization) on the staff estimation of the status quo of information security and the difficulties they face. The study population consisted of all (96) staff members of the IT departments in the libraries of public and private Jordanian universities for the academic year 2015-2016, of whom (84) responded. To answer the study questions, a questionnaire that examines the status quo of information security was adopted, it consisted of five themes. The questionnaire also included questions to study the difficulties facing IT staff. The results indicated that the respondents’ estimation of the status quo of information security in Jordanian universities libraries was at medium level, as the item “procedures for the protection of computer systems and networks” and the item “access control to information systems” were ranked first in the study fields with a high rating. Results also indicated that the overall level of difficulties attained a medium level, and that the most prominent difficulties facing IT staff in universities libraries are the shortage of personnel specialized in information security and the lack of budget allocated to information security in university libraries. The study also showed a statistically significant difference at the level of significance (α≤0.05) for the variables of “job level” and “specialization” in the staff estimation of the status quo of information security. Also, a statistically significant difference was found in the staff estimation of the difficulties they face related to the specialization variable. The study recommends paying more attention to the various aspects of information security in libraries, such as the infrastructure in regard to technology and the existence of a precise policy to ensure information security and to increase the number of human resources specialized in the field of information security.
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.