Your search keyword '"*COMPUTER networks in business enterprises"' showing total 286 results

1. IMPOSSIBLE MATH: THE NEED FOR GOVERNMENT-BACKED CYBER INSURANCE.

Author

Sayre, Mark A.

Subjects

*INTERNET security, *SECURITY measures of computer networks in business enterprises, *INSURANCE, *LEGAL liability, *NEGLIGENCE, *PROFESSIONAL standards, *CYBERTERRORISM

Abstract

The article explores the cybersecurity practices of businesses and the necessity of a federal government cyber insurance program in the U.S. Topics discussed include the liability that companies may face for failing to implement effective cybersecurity solutions under a negligence theory, the challenges in establishing professional cybersecurity standards, and the financial and economic risks associated with cyberattacks.

Published

2023

2. Building an Enterprise SOC and Risk Management Function.

Author

Teitler, Katie

Subjects

INTERNET security, RISK management in business, FAST food restaurants, INFORMATION technology, SECURITY measures of computer networks in business enterprises

Abstract

The article describes the case of the creation of an enterprise security operations center (SOC) and risk management function at a U.S.-based fast-food franchise. It mentions the focus of the security program on risk reduction. It explains the challenges encountered by the security operations team due to the fact that it is responsible for corporate security but not the information technology of franchises. Also noted is the use of business impact analysis by the team to formalize the program.

Published

2021

3. Cybersecurity.

Author

Harvard Business Review Press

Subjects

INTERNET security, COMPUTER crime prevention, DATA security failures, SECURITY measures of computer networks in business enterprises

Abstract

In most organizations, IT teams lead, plan, and execute almost every element of their firms' cybersecurity initiatives. However, cyberattacks are growing in number and veracity, and businesses need a more holistic strategy to defend against threats. In Cybersecurity: The Insights You Need from Harvard Business Review, 17 technology experts and cybersecurity practitioners discuss the challenges of this new reality. They emphasize the importance of securing sound defensive technologies to guard against risks, and they demonstrate the criticality of implementing practices that protect systems and data from the biggest threat to a business's security—its people.

Published

2020

4. RANSOMWARE ON THE RISE: With attacks increasing in frequency and severity, experts offer advice for preparing a solid defence.

Author

Fairey, Alanna

Subjects

RANSOMWARE, SECURITY measures of computer networks in business enterprises, INTERNET security, SUPPLY chains, MALWARE

Abstract

The article focuses on the surge in ransomware and offers advice to business organizations on preparing for such attacks. Topics discussed include the vulnerability of business organizations without cybersecurity systems to ransomware, the concern of supply chains on this increase in ransomware, and the implications of a ransomware attack, the need for organizations to invest in cybersecurity systems.

Published

2021

5. RULING THE NET.

Author

Spar, Debora and Bussgang, Jeffrey J.

Subjects

ELECTRONIC commerce, INTERNET laws, INTELLECTUAL property, SECURITY measures of computer networks in business enterprises, COPYRIGHT, COMPUTER security, VIRTUAL communities, FIREWALLS (Computer security), DATA encryption, INTANGIBLE property

Abstract

The Internet promises a radical new world of business. But for many companies, it has yet to deliver. Although doing business in cyberspace may be novel and exhilarating, it can also be frustrating, confusing, and even unprofitable. Debora Spar and Jeffrey Bussgang argue that the problems companies face have little to do with a lack of technology or imagination. Their problems stem instead from a lack of rules. Without the order that rules create, business cannot be conducted. The authors explain why the informal rules that have developed on the Internet since the 1960s are no longer sufficient. Businesses thinking of allowing millions of dollars of transactions to occur on the wide-open Net need specific assurances. They require clear definitions of property rights, a safe and useful means of exchange, and a way to locate and punish violators of on-line rules. The authors believe that the key to commerce on the Internet lies in the creation of managed on-line communities. Such communities can be formed by service providers--entities that will restrict on-line options, fine-tune offerings to match a select group of users, and provide some means of recourse in cases of fraud or abuse. Under those conditions, they will draw new companies on-line and increase the productivity of those already there. And, say the authors, the rewards for service providers will be substantial: Companies that make the rules on the Internet's emerging frontier have the opportunity to reap the greatest profits. [ABSTRACT FROM AUTHOR]

Published

1996

6. Common sense and computer security.

Author

Buss, Martin D.J. and Salermo, Lynn M.

Subjects

COMPUTER security, DATA protection, SECURITY measures of computer networks in business enterprises, DATABASE security, DATA encryption, ACCESS control, COMPUTER crimes, BACKUP processing alternatives in electronic data processing, INTERNAL auditing, SECURITY systems

Abstract

The age of information so frequently described and anticipated in ‘gee-whiz’ language has a darker side. As recent newspaper stories and other media attention show, unauthorized tampering with computer data banks and computer programs is on the rise. And the problem will grow worse with the proliferation of microcomputers, word processors, and data networks and with the swelling ranks of people familiar with their use. Probing beyond the conventional legislative and technological solutions to computer security problems, the authors look at what managers can do to preserve the integrity of their companies' information systems. While it is no longer possible simply to delegate responsibility for computer security to data processing managers, senior managers should not rely on expensive and complex solutions, according to these authors. They argue for simple, commonsense measures and advise how auditing and control systems can be revitalized to help detect security problems before they become serious. [ABSTRACT FROM AUTHOR]

Published

1984

7. One-time password authentication scheme based on the negative database.

Author

Zhao, Dongdong and Luo, Wenjian

Subjects

*COMPUTER passwords, *COMPUTER access control, *DATABASES, *INDUSTRIAL management, *HOUSEHOLD electronics, *SECURITY measures of computer networks in business enterprises

Abstract

In this paper, a novel one-time password authentication scheme based on the negative database ( NDB ) is proposed. The authentication data, which involve a user password and random number, are converted to an NDB before they are transmitted to the network. Recovering the original database ( DB ) from an NDB is an NP -hard problem. Even if the data transmitted in the network have been intercepted by an attacker, the attacker cannot recover the password due to the hardness of reversing the NDB . The proposed scheme is the first one-time password authentication scheme based on the NDB . Following the method used in this paper, the NDB can be added to other authentication schemes as an extra layer to further improve security. The proposed scheme can be adopted into other applications such as business management, network-based consumer electronics, and intelligent household systems. [ABSTRACT FROM AUTHOR]

Published

2017

8. NEW SECURITY THREATS FOR COMPANIES IN ROMANIA.

Author

Silviu, Cojocaru and Camelia, Cojocaru

Subjects

SECURITY management, SECURITY measures of computer networks in business enterprises, COMPUTER security vulnerabilities, INFORMATION technology, INFORMATION technology security

Abstract

In the late years, much attention was focused on cyber-attacks, threats to privacy and the acts of malicious insiders. Despite various efforts, the damaging threats from cyber-criminals continue to face businesses all around the world. At the same time, the type and amplitude of the attacks changed the threats landscape, bringing special attention to some areas. Computer systems today are related to virtually all business processes in organizations. Consequently, security incidents can cause major damages to internal processes and to entire organization's activity. Critical security issues can cause stopping all production activities of a company, this is a consequence of the interconnection of IT solution and business processes. Connecting to the Internet a vast range of devices, and the use of mobile devices contributed to the rising exposure to security incidents. This paper aims to analyse the security threats for the information systems of small and medium companies in Romania. [ABSTRACT FROM AUTHOR]

Published

2014

9. Supporting Business Privacy Protection in Wireless Sensor Networks.

Author

Feng, Nan, Hao, Zhiqi, Yang, Sibo, and Wu, Harris

Subjects

WIRELESS sensor networks, BUSINESS information services, SECURITY measures of computer networks in business enterprises, RISK assessment, CONJOINT analysis, SECURITY systems

Abstract

With the pervasive use of wireless sensor networks (WSNs) within commercial environments, business privacy leakage due to the exposure of sensitive information transmitted in a WSN has become a major issue for enterprises. We examine business privacy protection in the application of WSNs. We propose a business privacy-protection system (BPS) that is modeled as a hierarchical profile in order to filter sensitive information with respect to enterprise-specified privacy requirements. The BPS aims at solving a tradeoff between metrics that are defined to estimate the utility of information and the business privacy risk. We design profile, risk assessment, and filtration agents to implement the BPS based on multiagent technology. The effectiveness of our proposed BPS is validated by experiments. [ABSTRACT FROM AUTHOR]

Published

2016

10. SPECIAL LETTER: CYBER SECURITY IS EVERYONE'S BUSINESS.

Author

Rothrock, Ray A.

Subjects

INTERNET security, SECURITY measures of computer networks in business enterprises, COMPUTER crime prevention

Abstract

The article discusses the importance of cybersecurity in businesses and the role of employees in safeguarding the computer network and assets of the company, and offers information on the evolution of cyber security in fighting cybercriminality.

Published

2017

11. HACKING CULTURE.

Author

Gates, Megan

Subjects

CYBERTERRORISM, SECURITY measures of computer networks in business enterprises

Abstract

The article discusses how cyber attackers advancing in stealing data of corporate companies despite security measures, what make companies vulnerable to cyber attacks, and how companies can deal with the growing cyber threats.

Published

2017

12. RANSOMWARE OR BUST? MAJORITY STILL DON'T PAY.

Author

Richards, Kathleen

Subjects

RANSOMWARE, SECURITY measures of computer networks in business enterprises, BIG business, SPAM email, CYBERTERRORISM, COUNTERTERRORISM policy, MALWARE, RANSOM

Abstract

The article discusses the increase in the proliferation of crypto-ransomware activity against big businesses and organizations. Topics include the threats in clicking on email with malicious attachments, the development of variants of crypto-ransomware such as CryptoLocker, and the implications of paying ransom to attackers according to law enforcement.

Published

2016

13. La falta de expertos en ciberseguridad obliga a recurrir a estudiantes.

Author

WINICK, ERIN

Subjects

INTERNET security, SECURITY measures of computer networks in business enterprises, COMPUTER security

Abstract

El artículo examina la falta de trabajadores en la industria de ciberseguridad y considera la inversión de muchas empresas en expertos en este campo.

Published

2018

14. COMPUTER SECURITY: WHAT CAN BE DONE.

Subjects

COMPUTER security, SECURITY measures of computer networks in business enterprises, COMPUTER crime prevention, DATA protection

Abstract

The article focuses on the issue of computer security in companies. According to Belden Menkus, a computer security consultant, despite the emergence of computer protective systems in the market, many computers systems used by companies do not have a strong security to prevent computer crimes. Joseph A. Piscopo, chairman of Pansophic System Inc., said that poor computer security is also caused by the lack of prioritization by the top management of companies.

Published

1983

15. BALANCING THE BREACH: DATA PRIVACY LAWS IN THE WAKE OF THE NSA REVELATIONS.

Author

Giles, Courtney

Subjects

*DATA security laws, *DATA security failures, *INTERNET privacy laws, *SECURITY measures of computer networks in business enterprises, *PREVENTION

Abstract

The article focuses on the data privacy laws for the business's objectives. Topics discussed include data privacy laws in India and Brazil for the prevention of data breaching, regulations proposed in each country since the U.S. National Security Agency (NSA) revelations and effects of the laws on individuals and businesses. It also mentions a solution to the disjoined Internet privacy laws on an international scale.

Published

2015

16. Organizational Privacy Strategy: Four Quadrants of Strategic Responses to Information Privacy and Security Threats.

Author

Parks, Rachida F. and Wigand, Rolf T.

Subjects

SECURITY measures of computer networks in business enterprises, INFORMATION technology security, INTERNET privacy, DATA privacy, MEDICAL care, SECURITY systems

Abstract

How do organizations make strategic choices concerning information privacy and security practices? Focusing onorganizational privacy strategy,this study describes patterns in response to information privacy threats, firms’ organizational strategy, and responses to institutional pressures. Two theoretical views are converged: Oliver’s (1991) strategic responses framework to institutional processes and Miles and Snow’s (1978) typology of organizational strategy, structure, and processes. Drawing on a healthcare industry study, variations, predictions, and illustrations of four quadrants ofconformist, entrepreneur, transformer,anddefenderprivacy strategies are provided. This work’s major contribution is the analysis and conceptualization of organizational privacy strategies, providing an umbrella-like theoretical perspective. Practical implications extend beyond the illustrative setting of the healthcare industry. [ABSTRACT FROM PUBLISHER]

Published

2014

17. CHAPTER 8: SECURING YOUR WEB- BASED BUSINESS.

Author

Williams, Beth and Brown, Bruce C.

Subjects

ELECTRONIC commerce security measures, SECURITY measures of computer networks in business enterprises, COMPUTER virus prevention, INTERNET fraud prevention

Abstract

Chapter 8 of the book "How to Open & Operate a Financially Successful Web-Based Business," by Beth Williams is presented. It explores the means for securing online business. It explains that one way for protecting an electronic business is embarking insurances for product liability or business equipment. It cites that web-based trading is exposed to internet virus thus applications like Spyware and AVG Internet Security must be installed.

Published

2007

18. SECURITY THREAT SOURCES AND SUPPLIERS: A MANAGEMENT THREAT PROCESS MODEL.

Author

Dawn Medlin, B. and Romaniello, Adriana

Subjects

BUSINESS information services, SECURITY measures of computer networks in business enterprises, COMPUTER network resources, ELECTRONIC information resources, ACCESS control, ACCESS control of computer networks, COMPUTER virus prevention, COMPUTER worms, SECURITY systems

Abstract

Both large and small organizations are increasingly investing additional time and money in the design and implementation of more robust and theoretically more secure systems. In order to fortify against the constant bombardment of internal as well as external security threats and attacks, today's systems are required to remain in an active and reactive status. Further complicating this issue is the necessity to support an ever-increasing requirement for access to business information by corporate branches, business partners, customers, and employees. This paper provides a review and categorization of various technology-based security threats, and their sources. It then provides a process model that can assist organizations in addressing these threats. [ABSTRACT FROM AUTHOR]

Published

2006

19. Schatten-IT: Implikationen und Handlungsempfehlungen für Mobile Security.

Author

Walterbusch, Marc, Fietz, Adrian, and Teuteberg, Frank

Subjects

CLOUD computing security measures, MOBILE computing, INFORMATION technology industry, SECURITY measures of computer networks in business enterprises, COMPUTER network security, SECURITY systems

Abstract

Copyright of HMD: Praxis der Wirtschaftsinformatik is the property of Springer Nature and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Author-supplied Abstracts.)

Published

2014

20. THE 17TH GLOBAL INFORMATION SECURITY SURVEY.

Author

Crathorne, Mark

Subjects

SURVEYS, INTERNET security, COMPUTER crime prevention, SECURITY measures of computer networks in business enterprises, INFORMATION technology security, COMPUTER network resources

Abstract

The article discusses a survey on global information security titled '"Get Ahead of Cybercrime" in which companies belonging to various sectors participated. Topics discussed include management of cyber-security threats by business enterprises, a survey based on internal information security threat and external information security threat, and methods to achieve cyber-security.

Published

2014

21. Is Security Realistic In Cloud Computing?

Author

Srinivasan, S.

Subjects

CLOUD computing security measures, CLOUD storage security measures, CLOUD computing laws, BUSINESS enterprise security, SECURITY measures of computer networks in business enterprises, TECHNOLOGICAL innovations in business enterprises

Abstract

Cloud computing is rapidly emerging as an attractive IT option for businesses. As a concept cloud computing is well received because of the benefits it offers but many users are not clear about the scope of security in cloud computing. Many surveys point out that security in the cloud remains the top concern for many businesses in their decision making consideration in spite of the cost advantages it offers. In order to identify the security concerns we analyzed over 50 research articles and industry white papers published over the past five years. In this paper we focus on the question "Is security realistic in cloud computing?" In presenting the justification that it is possible to expect adequate security features in the cloud we address several related issues. In this context we first briefly describe the three types of cloud services -- SaaS, PaaS and IaaS. Then we focus on the security aspects that businesses must pay attention to in order to succeed. Next, we consider the importance of trust in the service providers and how they could build customer trust in their services. This discussion leads to service reliability in the cloud and what the cloud providers have learned from cloud outages in order to build trust. Also, we highlight how the security features offered in the cloud support compliance requirements. We conclude the paper with some relevant information on the legal aspects related to cloud computing. [ABSTRACT FROM AUTHOR]

Published

2013

22. ASSEMBLE THE DECISION-MAKERS: Security projects may require input from departments across the organization.

Author

Johnston, Jeremiah

Subjects

SECURITY measures of computer networks in business enterprises, BUSINESS enterprises, SECURITY management, COVID-19 pandemic, INFORMATION technology personnel

Abstract

The article provides tips on involving decision-makers and system users in security solutions of a business organization. Topics discussed include the importance of a security strategy to business organizations as the industry witnessed the impact of the COVID-19 pandemic on business models, the significant role of support from the information technology department in an organization's security strategy, and the involvement of the maintenance and facilities team in such projects.

Published

2021

23. A Study of Performative Hactivist Subcultures and Threats to Businesses.

Author

Workman, Michael, Phelps, DanielC., and Hare, RobertC.

Subjects

*HACKTIVISM, *SECURITY measures of computer networks in business enterprises, *SENTIMENT analysis, *LOGISTIC regression analysis, *COMPUTER crimes

Abstract

Performative hactivism is the use of the Internet for expressing extreme political dissent online. It differs from cyber harassment in that performative hactivism is politically motivated. We found that there are contagion and other social effects among hactivists and that hactivism exhibits feature patterns that define them as subcultures. To conduct our research, we created a provocative Website and blog and then promoted it on the Internet. Using sentiment analyses and logistic regression, we identified features associated with performative hactivism. We then studied the blog remarks and used Website analytics to gain a better understanding of the implications for business security. The results from this work should help business and information security researchers (especially in social engineering), as well as business practice managers, strategists, and security analysts, to predict the lifecycles and impacts of hactivism on their operations and assist them in the creation of interventions. [ABSTRACT FROM AUTHOR]

Published

2013

24. A Markov Decision Process Model for High Interaction Honeypots.

Author

Hayatle, Osama, Otrok, Hadi, and Youssef, Amr

Subjects

*PARTIALLY observable Markov decision processes, *HONEYPOTS (Network security), *SECURITY measures of computer networks in business enterprises, *COMPUTER crime prevention, *BOTNETS

Abstract

Honeypots, which are traps designed to resemble easy-to- compromise computer systems, have become essential tools for security professionals and researchers because of their significant contribution in disclosing the underworld of cybercrimes. However, recent years have witnessed the development of several anti-honeypot technologies. Botmasters can exploit the fact that honeypots should not participate in illegal actions by commanding the compromised machine to act maliciously against specific targets which are used as sensors to measure the execution of these commands. A machine that is not allowing the execution of such attacks is more likely to be a honeypot. Consequently, honeypot operators need to choose the optimal response that balances between being disclosed and being liable for participating in illicit actions. In this paper, we consider the optimal response strategy for honeypot operators. In particular, we model the interaction between botmasters and honeypots by a Markov Decision Process (MDP) and then determine the optimal policy for honeypots responding to the commands of botmasters. The model is then extended using a Partially Observable Markov Decision Process (POMDP) which allows operators of honeypots to model the uncertainty of the honeypot state as determined by botmasters. The analysis of our model confirms that exploiting the legal liability of honeypots allows botmasters to have the upper hand in their conflict with honeypots. Despite this deficiency in current honeypot designs, our model can help operators of honeypots determine the optimal strategy for responding to botmasters’ commands. We also provide simulation results that show the honeypots’ optimal response strategies and their expected rewards under different attack scenarios. [ABSTRACT FROM AUTHOR]

Published

2013

25. Checklists: Prevent white-collar computer crime.

Author

McGee, Jo Ann and Byington, J. Ralph

Subjects

COMPUTER crime prevention, WHITE collar crimes, INFORMATION technology, COMPUTER security, SECURITY measures of computer networks in business enterprises, INDUSTRIAL management

Abstract

White-collar crime (WCC) has reached epidemic proportions worldwide. Unfortunately, the growth of WCC has been facilitated by information technology (IT) advances that have made it easier to commit WCC by using the computer. The authors of this article present a checklist of measures for management to help prevent and detect IT-related WCC. © 2012 Wiley Periodicals, Inc. [ABSTRACT FROM AUTHOR]

Published

2012

26. What Is Critical to Your Infrastructure?

Author

Davis, Adrian

Subjects

SECURITY measures of computer networks in business enterprises, INFRASTRUCTURE (Economics), ASSOCIATIONS, institutions, etc., COMPUTER security, SECURITY systems

Abstract

Critical infrastructure means many things to many people. Adrian Davis, principal research analyst with the Information Security Forum (ISF), explains why determining which infrastructure elements are critical to a business is the first step in keeping them safe [ABSTRACT FROM AUTHOR]

Published

2011

27. A new comprehensive framework for enterprise information security risk management.

Author

Saleh, Mohamed S. and Alfantookh, Abdulkader

Subjects

SECURITY measures of computer networks in business enterprises, COMPUTER security, SIX Sigma, DATA protection, DATA security, RISK management in business

Abstract

Abstract: With the wide spread use of e-transactions in enterprises, information security risk management (ISRM) is becoming essential for establishing a safe environment for their activities. This paper is concerned with presenting a comprehensive ISRM framework that enables the effective establishment of the target safe environment. The framework has two structural dimensions; and two procedural dimensions. The structural dimensions include: ISRM “scope” and ISRM “assessment criteria”, while the procedural dimensions include: ISRM “process” and ISRM “assessment tools”. The framework uses the comprehensive STOPE (strategy, technology, organization, people, and environment) view for the ISRM scope; while its assessment criteria is considered to be open to various standards. For the procedural dimensions, the framework uses the widely known six-sigma DMAIC (define, measure, analyze, improve, and control) cycle for the ISRM process; and it considers the use of various assessment tools. It is hoped that the framework would be widely used in the future as an open reference for ISRM. [Copyright &y& Elsevier]

Published

2011

28. The implementation guidance for practicing network isolation by referring to ISO-17799 standard

Author

Lai, Yeu-Pong and Dai, Ruan-Han

Subjects

*SECURITY measures of computer networks in business enterprises, *COMPUTER security standards, *BUSINESS finance, *INFORMATION storage & retrieval systems, *INTRANETS (Computer networks), *INTERNET, *COMPUTER engineering

Abstract

Abstract: In these years, the company budgets are raised dramatically for eliminating the security problems or mitigating the security risks in companies, but the numbers of incidents happening on computer systems in intranet or internet are still increasing. Many researchers proposed the way–to isolate the computers storing sensitive information for preventing information on these computers revealed or vulnerability on these computers exploited. However, there are few materials available for implementing network isolation. In this paper, we define ways of network isolation, “physical isolation” and “logical isolation”. In ISO-17799, there is no implementation guidance for practicing network logical isolation but auditing network physical isolation. This paper also provides the implementation guidance of network isolation in two aspects. One is for the technique viewpoints. The other aspect is for management viewpoints. These proposed implementation outlines and security measures will be considered in revising the security plan, “The Implementation Plan for Information Security Level in Government Departments” [“The implementation plan for information security level in government departments,” National Information and Communication Security Taskforce, Taiwan R.O.C., Programs, Jul. 20 2005]. [Copyright &y& Elsevier]

Published

2009

29. From Ancient Fortress to Modern Cyberdefense.

Author

Liu, Simon and Ormaner, Jerry

Subjects

SECURITY measures of computer networks in business enterprises, INFORMATION resources management security, INTERNET security, FIREWALLS (Computer security), ELECTRONIC data processing, BUSINESS planning, SECURITY management

Abstract

The article discusses the cyberdefense mechanism used to secure the electronic data and computerized information systems in cyberspace of business enterprises. It mentions the major elements of cyberdefense that constitutes like a fortress such as an observation tower, fortified walls, and gates which respectively monitors any incoming threats, guide the servers, and manipulates the access protected by fortified walls. Moreover, it mentions several actions to be taken in assuring the development of a comprehensive security program which include vulnerability management, business continuity planning (BPC), and security awareness training.

Published

2009

30. A security policy framework for context-aware and user preferences in e-services

Author

Sliman, Layth, Biennier, Frédérique, and Badr, Youakim

Subjects

*COMPUTER security, *DATA security, *SERVICE-oriented architecture (Computer science), *SECURITY measures of computer networks in business enterprises, *DISTRIBUTED computing, *CONTEXT-aware computing, *USER interfaces, *GOVERNMENT policy

Abstract

Abstract: In today’s dynamic and distributed markets a large spectrum of services is delivered through information and communication technologies. Emerging markets of e-services lie at the intersection of non-traditional user behaviour, and cyber-partnerships of enterprises to deliver innovative services. Current approaches to manage and control security demonstrate lacks in terms of security policy matching and integration in heterogeneous e-service environments. In this paper, we introduce a framework to support role-based access control for distributed services focusing on the integration of customer preferences. The framework aims to collect and generate policy-based security measures in cross-organisational scenarios. In addition to catering to specifications of security and business policies, the ability to integrate contextual information and user preferences make the role-based framework flexible and express a variety of access policies that provide a just-in-time permission activation. [Copyright &y& Elsevier]

Published

2009

31. Information security goes green.

Author

Arnfield, Robin

Subjects

INFORMATION storage & retrieval systems, SECURITY systems, DATA libraries, SECURITY measures of computer networks in business enterprises

Abstract

Green IT has gone mainstream. The last year has seen corporations such as Citigroup establishing their environmental credentials by opening green data centres. But how do the separate disciplines of green IT and security come together? Robin Arnfield reports [Copyright &y& Elsevier]

Published

2009

32. Security: The Virtual Quest.

Author

Nahouraii, Ata, Robbins, Donald, Jones, Trevor H., Saban, Kenneth, and Saykiewicz, Jan Napoleon

Subjects

SECURITY measures of computer networks in business enterprises, COMPUTER network security, INFORMATION resources management, DATA encryption, BUSINESS information services, BUSINESS communication

Abstract

Security and related contingency recovery plans ensure a business' survival when it is faced with potential information systems breakdowns. Its primary objective is to prevent a calamity from occurring and to limit the impact of destructive events related to computer- based information systems. Most disaster recovery plans, when put into effect, fail to serve the intended purpose. The value of a properly implemented security is to prevent external intrusions before they start, and have an internal recovery plan to restore service so that assets are not adversely affected. This paper provides some insight regarding security as well as identifying some of the pitfalls or weakness in this part of an organization's communication network. Emerging technologies such as the use of biometrics, authentications, steganography, and data encryption used for security will be the focus of the paper. [ABSTRACT FROM PUBLISHER]

Published

2002

33. TARGETING DATA TERRORISTS.

Author

TERRY, LISA

Subjects

CYBERTERRORISM, COUNTERTERRORISM, SECURITY measures of computer networks in business enterprises, MERCHANTS, PSYCHOLOGY

Abstract

The article presents questions and answers related to cyber attacks including the difference of computer systems breach of business enterprises, security practices for client's location and the security of network overlooked by merchants.

Published

2014

34. The State of Enterprise Video.

Author

Siglin, Tim

Subjects

STREAMING video & television, SECURITY measures of computer networks in business enterprises, ECONOMIC impact of business enterprises, STREAMING media, MARKETING research, CELL phones, TABLET computers

Abstract

The article discusses the aspects of enterprise video by referring to a report by market research firm Frost & Sullivan which revealed growth in global enterprise video webcasting solutions from 2013-2019. Topics discussed include role of mobile phone devices in delivering enterprise videos, aspects of bring your own device in delivering content on cell phones and tablet computers and measures required to maintain the security of application software involved in delivering the video content.

Published

2014

35. How Vulnerable Are We?

Author

SCHNEIDER, DAVE

Subjects

COMPUTER security, DATA security, DATA protection, SECURITY measures of computer networks in business enterprises, DENIAL of service attacks, BUSINESS intelligence, INFORMATION technology security

Abstract

The article focuses on the issue of data security in the enterprise sector, as well as the steps to ensure the effectiveness of security measures. The author mentions that security issues can affect several business areas, which can be in a form of distributed denial of service (DDoS) or the loss of important business intelligence and information. He states that establishing an information technology (IT) resiliency strategy can protect enterprises from such threats.

Published

2012

36. Building Risk Resilience.

Author

DURBIN, STEVE

Subjects

SECURITY measures of computer networks in business enterprises, RISK management in business, RISK assessment, SECURITY management, INFORMATION resources management

Abstract

The author discusses security measures to deal with computer security threats and the challenges faced by business enterprises. He mentions various computer network threats including external threats, regulatory threats and internal threats. Several security measures are suggested including that the enterprises can use standard security policies and procedures, adopt systematic approach to risk assessment, and monitor regulatory developments to improve information management procedures.

Published

2012

37. Secure Your Web Apps with Web Application Firewalls.

Author

Beckman, Mel

Subjects

COMPUTER network security, COMPUTER security software, SECURITY measures of computer networks in business enterprises, INFORMATION technology security, PREVENTION of computer hacking, COMPUTER fraud, FIREWALLS (Computer security)

Abstract

The article focuses on the web application firewall (WAF), the computer software installed to protect web applications of business enterprises from hackers and frauds. The author relates that network administrators from these institutions must consider the need to understand the limitations of traditional network perimeter protection to prevent such cases from happening. He notes that security programs such as firewalling does not completely protect web applications from fraudulent actions.

Published

2011

38. Building solid foundations: the case for data classification

Author

Everett, Cath

Subjects

*DATA security, *CLASSIFICATION, *SECURITY systems, *SECURITY measures of computer networks in business enterprises, *INFORMATION theory, *COMPUTER security

Abstract

Although data classification is considered by many professionals to be the foundation of any information security activity, few organisations outside of defence and the security services have done much about it. The discipline is a crucial one, however – not least because, in an ideal world, it should drive the rules that determine what users are permitted to do, or not do, with corporate information. In fact, information security professionals are increasingly starting to view data classification as the core of all other information security activity. Cath Everett explores why it is so important, what benefits it offers and why, despite this, it has not been more widely adopted to date. She also puts forward suggestions for constructing a business case for data classification and looks at what steps organisations need to take to ensure that these complex change projects succeed. [ABSTRACT FROM AUTHOR]

Published

2011

39. Security for virtual private intranets.

Author

Arbaugh, William A., Davin, James R., Farber, David J., and Smith, Jonathan M.

Subjects

*SECURITY measures of computer networks in business enterprises, *SMART cards, *SECURITY systems

Abstract

States that businesses must consider computer security when extending their office computer network environment to employees' homes. Assumptions and limitations of secure identity-based loading (SIBL); Techniques in securing the integrity of firmware; Information on Smart-card integration; Goals on integrating a workstation into a particular network environment; Other applications of SIBL.

Published

1998

40. STRATEGIZING FOR BETTER TIMES.

Author

SAVAGE, MARCIA

Subjects

SECURITY measures of computer networks in business enterprises, INFORMATION technology security, RECESSIONS, CONTRACTING out

Abstract

The article reflects on the status of security professionals after the recession. It states that security building will focus on efficiency, compliance requirements satisfaction, and security initiatives based on operational risks. It cites several measures taken by companies to survive the recession such as putting identity and access management projects on hold, freezing information technology budgets, and outsourcing. It also talks about new technologies and aligning security with business requirements. INSETS: Bucking the Odds;Where's the Recovery?.

Published

2010

41. "The social media phishing problem can be described in just two words: exaggerated trust".

Author

WINDER, DAVEY

Subjects

SOCIAL media, PHISHING, DATA security failures, INTERNET security, SECURITY measures of computer networks in business enterprises, PREVENTION

Abstract

The article focuses on the increasing incidence of social media phishing attacks, which is done by targeting a social media user and designing a customized bait to gather information. Topics discussed include the lack of attention on securing networks from social media phishing attacks, the importance education in preventing social media phishing in the workplace and the advent of state-sponsored social media hacks.

Published

2016

42. What will It Take?

Author

Davis, Michact A.

Subjects

*DATA encryption, *SECURITY measures of computer networks in business enterprises, *DATA protection, *DATA corruption, *SURVEYS

Abstract

The article discusses the importance of encryption in organizations which is not yet fully deciphered by business technology professionals. It mentions the survey which manifests that despite claims of encryption pervasiveness, its full potential is overlooked by users. It explores the various aspects of encryption including its advantages, change towards tokenization and cost-related concerns. The ways by which encryption and key management can be optimized for regulatory compliance are noted.

Published

2009

43. From culture to disobedience: Recognising the varying user acceptance of IT security

Author

Furnell, Steven and Thomson, Kerry-Lynn

Subjects

*INFORMATION technology security, *SECURITY measures of computer networks in business enterprises, *COMPUTER users, *COMPUTER security periodicals, *CORPORATE culture, *LEGAL compliance, *EMPLOYEE psychology

Abstract

It is often observed that addressing security can be as much about people as it is technology. One of the key aspects here is establishing the correct mindset, and ensuring that people are working for (or at least with) security rather than against it. Unfortunately, people are very often perceived as an obstacle rather than an asset in this regard. Indeed, to quote an Information Security magazine survey from a few years ago, one of the biggest hurdles for organisations to overcome in their attempts to address security is the problem of “unalert, uninterested, lax, ignorant, uncaring end users”. One of the most prevalent problems when protecting information assets is the apathetic attitude, and resulting actions and behaviour, of employees. Given that the corporate culture of an organisation shapes the beliefs and values of those within it, it becomes essential to address the mindsets of employees and ensure that relevant security knowledge and skills are communicated to them. However, organisations cannot assume a uniform starting point; employees will have varying degrees of compliance that may evolve to become more compliant or more disobedient depending on the guidance provided by management. This article examines the levels of security acceptance that can exist amongst employees within an organisation, and how these levels relate to three recognised levels of corporate culture. It then proceeds to identify several factors that could be relevant to the development of culture, from traditional awareness-raising techniques through to context-aware promotion of security. [Copyright &y& Elsevier]

Published

2009

44. Modeling of RBAC-based access control of virtual enterprise.

Author

Dejun Chen, Zude Zhou, Yingzhe Ma, and D.T. Pham

Subjects

*ACCESS control, *SECURITY measures of computer networks in business enterprises, *ELECTRONIC information resources, *SUPPLY chain management, *COMPUTER network resources, MANAGEMENT of computer networks in business enterprises

Abstract

The article presents a study which aims to create a role-based access control (RBAC) access control model for virtual enterprise (VE) access control. The study used RBAC principles integrated with VE generic structure like alternative competence team (ACT) and virtual affairs cooperative center (VACC). Results show that the integration of VE structure to RBAC can satisfy the high information security requirements of VE and can be applied to supply chain-oriented VE.

Published

2008

45. 3 strikes, you're out.

Author

Damore, Kelley

Subjects

COMPUTER access control, COMPUTER security, ACCESS control, ACCESS to wide area computer networks, SECURITY measures of computer networks in business enterprises

Abstract

The article identifies some of the factors that should be considered by companies when deploying identity and access management projects. To have a smooth deployment, get the right people involve in the project from the beginning. Identify key roles and responsibilities of the people involved. Next, define your objectives. Clear objectives and policies on how to reach that goals contribute to successful implementation. Then, organize and integrate various applications, hardware platforms and operating systems.

Published

2006

46. ALL ABOARD!

Author

Wood, Charles Cresson

Subjects

SECURITY measures of computer networks in business enterprises, COMPUTER security, DATA protection, SECURITY systems, CHIEF information officers, CHIEF executive officers, INFORMATION resources management

Abstract

Deals with gaining management buy-in and user compliance to security policies. Obtaining approval from the chief information officer and CEO; Involvement of the management in measuring compliance; Importance of sufficient training.

Published

2005

47. INTERNET PROTOCOL IDENTIFICATION (IPID) STEALTH SCANNING.

Author

Tinseth, Andrew

Subjects

SCANNING systems, INTERNET, COMPUTER network protocols, SYSTEM identification, SECURITY measures of computer networks in business enterprises

Abstract

As scanning techniques become more sophisticated, organizations must be aware of these new methods to keep themselves secure. The ability to scan hosts anonymously has become a reality, and organizations must be aware of the technique so they can determine if they are under attack. Following the procedures in this article should result in a fair amount of protection against these attacks but, as always, there are no guarantee. Organizations must maintain a diligent focus and stay abreast of these latest and greatest types of scans so they can keep themselves secure. INSET: PAYOFF IDEA. [ABSTRACT FROM AUTHOR]

Published

2003

48. BRINGING EFFECTIVE USER ACCOUNT MANAGEMENT INTO REACH.

Author

Garland, Kim

Subjects

COMPUTER access control, SECURITY measures of computer networks in business enterprises, COMPUTER security, INDUSTRIAL management, SECURITY systems industry

Abstract

Development of role-based user access controls can be a sound investment for an organization seeking ways to improve its user account administration process. Among the many benefits is the fact that it provides a sound basis for future security control integration, including development of improved system access monitoring controls, implementation of overall role-based access management, and integration of security-specific application controls such as user provisioning tools. This article dispels the myths associated with current user account management techniques by outlining a business case to assist in providing an understanding of sound practices required to successfully implement an effective user account management process. INSET: PAYOFF IDEA. [ABSTRACT FROM AUTHOR]

Published

2003

49. Data Integrity Assurance in a Layered Security Strategy

Author

Tickle, Ian

Subjects

*COMPUTER security, *SECURITY measures of computer networks in business enterprises, *FIREWALLS (Computer security)

Abstract

The security industry generally places most emphasis on dealing with threats from external sources, that is, from outside the corporate network. Companies are encouraged to implement firewalls and perimeter defence tools to keep intruders out. Network administrators monitor traffic for abnormal events, raising the alarm as soon as a suspicious email attachment is spotted. So it is fair to say that there is a general assumption that security threats come from outside. [ABSTRACT FROM AUTHOR]

Published

2002

50. SECURITY RED ALERT.

Author

Kosan, Lisa

Subjects

*SECURITY measures of computer networks in business enterprises, *COMPUTER security

Abstract

Explores approaches which can be employed by business organizations to respond to computer network security alerts. Assessment of response to security breaches; Systematic way of dealing with the growing number of security alerts; Factors to consider when determining the appropriate response to security breaches.

Published

2000