DocumentCode :
1923688
Title :
Information Security Optimization: From Theory to Practice
Author :
Simms, David
Author_Institution :
PricewaterhouseCoopers SA, Lausanne
fYear :
2009
fDate :
16-19 March 2009
Firstpage :
675
Lastpage :
680
Abstract :
Organizations face a significant challenge in designing and implementing appropriate information security measures. There are many sources of guidance on good and best practice relating to platforms, architectures and industries, but this guidance needs to be interpreted in the context of the specific risks faced by the organization, the desire to mitigate those risks, and the requirements for user friendliness, system performance and system availability driven by the user community. The process of identifying, justifying, implementing and maintaining the correct balance between security and ease of access for authorized users requires careful consideration at a number of phases, including the assessment of risks, the identification of appropriate standards, the definition of policies and the education of users, and organizations also need to implement mechanisms for the regular and effective review and update of the measures taken. This paper discusses the issues involved in implementing an optimized information security policy, the common pitfalls encountered by organizations in this respect, and presents an outline framework for such implementations.
Keywords :
optimisation; security of data; information security optimization; risk assessment; Availability; Business; Centralized control; Control systems; Information management; Information security; Management information systems; Standards development; Standards organizations; Standards publication; good practices; information security; risk management; security policy optimization;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Availability, Reliability and Security, 2009. ARES '09. International Conference on
Conference_Location :
Fukuoka
Print_ISBN :
978-1-4244-3572-2
Electronic_ISBN :
978-0-7695-3564-7
Type :
conf
DOI :
10.1109/ARES.2009.106
Filename :
5066546