Enhancing End-User Roles in Information Security: Exploring the Setting, Situation, and Identity

2021 ◽  
pp. 102340
Author(s):  
Obi Ogbanufe
Keyword(s):  
Information Security ◽  
End User

Information Security Innovation

2014 ◽  
pp. 303-315
Author(s):  
Jan H. P. Eloff ◽  
Mariki M. Eloff ◽  
Madeleine A. Bihina Bella ◽  
Donovan Isherwood ◽  
Moses T. Dlamini ◽  
...  
Keyword(s):  
Information Security ◽  
Mobile Devices ◽  
End Users ◽  
End User ◽  
Loosely Coupled ◽  
Security Services ◽  
Time Interaction ◽  
Cloud Environments ◽  
User Centric ◽  
Increasing Demand

The increasing demand for online and real-time interaction with IT infrastructures by end users is facilitated by the proliferation of user-centric devices such as laptops, iPods, iPads, and smartphones. This trend is furthermore propounded by the plethora of apps downloadable to end user devices mostly within mobile-cum-cloud environments. It is clear that there are many evidences of innovation with regard to end user devices and apps. Unfortunately, little, if any, information security innovation took place over the past number of years with regard to the consumption of security services by end users. This creates the need for innovative security solutions that are human-centric and flexible. This chapter presents a framework for consuming loosely coupled (but interoperable) cloud-based security services by a variety of end users in an efficient and flexible manner using their mobile devices.

Information Security Innovation

2019 ◽  
pp. 264-277
Author(s):  
Jan H. P. Eloff ◽  
Mariki M. Eloff ◽  
Madeleine A. Bihina Bella ◽  
Donovan Isherwood ◽  
Moses T. Dlamini ◽  
...  
Keyword(s):  
Information Security ◽  
Mobile Devices ◽  
End Users ◽  
End User ◽  
Loosely Coupled ◽  
Security Services ◽  
Time Interaction ◽  
Cloud Environments ◽  
User Centric ◽  
Increasing Demand

The increasing demand for online and real-time interaction with IT infrastructures by end users is facilitated by the proliferation of user-centric devices such as laptops, iPods, iPads, and smartphones. This trend is furthermore propounded by the plethora of apps downloadable to end user devices mostly within mobile-cum-cloud environments. It is clear that there are many evidences of innovation with regard to end user devices and apps. Unfortunately, little, if any, information security innovation took place over the past number of years with regard to the consumption of security services by end users. This creates the need for innovative security solutions that are human-centric and flexible. This chapter presents a framework for consuming loosely coupled (but interoperable) cloud-based security services by a variety of end users in an efficient and flexible manner using their mobile devices.

Importance of Information Security and Strategies to Prevent Data Breaches in Mobile Devices

2020 ◽  
pp. 215-225
Author(s):  
Maulik Desai ◽  
Swati Jaiswal
Keyword(s):  
Operating System ◽  
Information Security ◽  
Mobile Phone ◽  
Mobile Devices ◽  
Cell Phone ◽  
End User ◽  
Shoulder Surfing ◽  
A Cell ◽  
Encryption Algorithms ◽  
E Mail

Mobile devices have upgraded from normal java-based phones whose basic functionality was calling, messaging, and storing contact information to a more adaptive operating system like Symbian, iOS, and Android, which have smart features like e-mail, audio player, camera, etc. Gradually, everyone started relying more and more on these mobile devices. This led to an increase in the number of cell phone hackers. Common ways that a hacker gets access to your phone is via phishing, shoulder surfing, piggybacking, etc. There are countermeasures to this like bookmarking your most visited sites, using VPN, using encryption algorithms. Data theft and identity theft are a new concern for today's user; this chapter is to educate the end user of different ways in which their privacy can be invaded via a mobile phone. This chapter will help the researchers to know the mindset of a cell phone hacker and what are the potential damages that can be caused by them and strategies to prevent them.

Exploring Information Security Governance in Cloud Computing Organisation

2018 ◽  
pp. 544-562
Author(s):  
Hemlata Gangwar ◽  
Hema Date
Keyword(s):  
Cloud Computing ◽  
Information Security ◽  
Technology Implementation ◽  
Identity Management ◽  
Education And Training ◽  
End User ◽  
Governance Framework ◽  
Security Governance ◽  
Information Security Governance ◽  
And Training

The paper reveals factors impacting information security governance within the cloud computing technology implementation in organizations. Case study methodology was used and 15 semi-structured interviews were conducted with directors and information security professionals from 5 different types of organizations. The main component that were identified as playing a significant role in information security governance were: information security strategy, security policies and procedure, risk management and assessment program, compliance and standard, monitoring and auditing, business continuity and disaster recovery, asset management and access control and identity management. The results show that awareness through education and training of employees needs to be given very particular attention in cloud computing security. The paper does not include any end-user perspective in interviews and this end-user context is missing. Companies need to focus upon awareness through education and training of employees. Moreover, management and employee support is the critical component of the effective information security governance framework implementation. Also, organisations should develop their information security using a very precise and detailed planning process that ensures the right cloud computing acceptance by the users. The proposed information security governance framework offers organisations a holistic perspective for governing information security, and minimizes risk and cultivates an acceptable level of information security culture.

scholarly journals Review on methods of imrpoving information security posture of the company by increasing end user awareness

2021 ◽  
Vol 143 (3) ◽  
pp. 185-189
Author(s):  
D. Berdysheva ◽  
◽  
A. Askhatuly ◽  
D. Yedilkhan ◽  
◽  
...  
Keyword(s):  
Information Security ◽  
End User ◽  
User Awareness

Establishing information security policy compliance culture in organizations

2018 ◽  
Vol 26 (4) ◽  
pp. 420-436 ◽  
Author(s):  
Eric Amankwa ◽  
Marianne Loock ◽  
Elmarie Kritzinger
Keyword(s):  
Information Security ◽  
Security Policy ◽  
User Involvement ◽  
Research Model ◽  
End User ◽  
Policy Compliance ◽  
Content Type ◽  
Behavioural Intentions ◽  
End User Involvement ◽  
Security Policy Compliance

Purpose This paper aims to establish that employees’ non-compliance with information security policy (ISP) could be addressed by nurturing ISP compliance culture through the promotion of factors such as supportive organizational culture, end-user involvement and compliance leadership to influence employees’ attitudes and behaviour intentions towards ISP in organizations. This paper also aims to develop a testable research model that might be useful for future researchers in predicting employees’ behavioural intentions. Design/methodology/approach In view of the study’s aim, a research model to show how three key constructs can influence the attitudes and behaviours of employees towards the establishment of security policy compliance culture (ISPCC) was developed and validated in an empirical field survey. Findings The study found that factors such as supportive organizational culture and end-user involvement significantly influenced employees’ attitudes towards compliance with ISP. However, leadership showed the weakest influence on attitudes towards compliance. The overall results showed that employees’ attitudes and behavioural intentions towards ISP compliance together influenced the establishment of ISPCC for ISP compliance in organizations. Practical implications Organizations should influence employees’ attitudes towards compliance with ISP by providing effective ISP leadership, encouraging end-user involvement during the draft and update of ISP and nurturing a culture that is conducive for ISP compliance. Originality/value The study provides some insights on how to effectively address the problem of non-compliance with ISP in organizations through the establishment of ISPCC, which has not been considered in any past research.

Classifying Articles in Information Ethics and Security

2011 ◽  
pp. 68-75
Author(s):  
Zack Jourdan
Keyword(s):  
Information Systems ◽  
Information Security ◽  
Database Management ◽  
Information Ethics ◽  
End User ◽  
User Attitudes ◽  
Reasonable Cost ◽  
Networking Protocols

Practitioners and researchers have been working to develop information systems (IS) that are functional and yet secure from a variety of threats at a reasonable cost (Austin & Darby, 2003; Mercuri, 2003; Cavusoglu, Cavusoglu, & Raghunathan, 2004; Sipponen, 2005). Information security and ethics (ISS/E) research involves a number of diverse subjects, including networking protocols (Sedaghat, Pieprzyk, & Vossough, 2002), database management (Sarathy & Muralidhar, 2002), cryptography (Anderson, 1994), ethics (Tavani, 2004; Straub & Welke, 1998), coping with risk (Banerjee, Cronan, & Jones, 1998), end-user attitudes (Harrington, 1996), and passwords (Zviran & Haga, 1999).

Exploring Information Security Governance in Cloud Computing Organisation

Web Services ◽  
2019 ◽  
pp. 2041-2059
Author(s):  
Hemlata Gangwar ◽  
Hema Date
Keyword(s):  
Cloud Computing ◽  
Information Security ◽  
Technology Implementation ◽  
Identity Management ◽  
Education And Training ◽  
End User ◽  
Governance Framework ◽  
Security Governance ◽  
Information Security Governance ◽  
And Training

The paper reveals factors impacting information security governance within the cloud computing technology implementation in organizations. Case study methodology was used and 15 semi-structured interviews were conducted with directors and information security professionals from 5 different types of organizations. The main component that were identified as playing a significant role in information security governance were: information security strategy, security policies and procedure, risk management and assessment program, compliance and standard, monitoring and auditing, business continuity and disaster recovery, asset management and access control and identity management. The results show that awareness through education and training of employees needs to be given very particular attention in cloud computing security. The paper does not include any end-user perspective in interviews and this end-user context is missing. Companies need to focus upon awareness through education and training of employees. Moreover, management and employee support is the critical component of the effective information security governance framework implementation. Also, organisations should develop their information security using a very precise and detailed planning process that ensures the right cloud computing acceptance by the users. The proposed information security governance framework offers organisations a holistic perspective for governing information security, and minimizes risk and cultivates an acceptable level of information security culture.

Sign in / Sign up

Export Citation Format

Share Document