99 research outputs found

    Organizational Information Security: The Impact of Employee Attitudes and Social Media Use

    Social media has infiltrated organizations through employees bringing these popular tools from their personal lives into the workplace. Organizations have begun to realize that social media applications can be used for more than just connecting individuals. The purpose of this research-in-progress is to investigate the use of social media by employees in both their personal lives and their roles in the workplace. In this pilot study, the use of social media is examined to determine how it is related to an employee’s perceptions and attitudes towards organizational information security policies. This pilot study was conducted at small, medium or large organizations in France. There were 46 usable responses. The preliminary findings confirm that an employee’s personal use of social media services is related to an employee’s use of social media services at work, and show that there is a lack of awareness of the security risks associated with the use of social media.

    Mitigation of Insider Attacks through Multi-Cloud

    The malicious insider can be an employee, a user and/or a third-party business partner. In a cloud environment, clients may store sensitive data about their organization in cloud data centers. The cloud service provider should ensure the integrity, security, access control and confidentiality of the data stored at cloud data centers. Malicious insiders can steal sensitive data at cloud storage and at organizations. Most organizations ignore the insider attack because it is harder to detect and mitigate. This is a major emerging problem at cloud data centers as well as in organizations. In this paper, we propose a method that ensures security, integrity, access control and confidentiality of the sensitive data of cloud clients by employing multiple cloud service providers. The organization should encrypt the sensitive data according to its security policy and procedures and store the encrypted data in a trusted cloud. The keys used during the encryption process are themselves encrypted and stored in another cloud area, so that the organization holds only the keys for the keys of the encrypted data. The administrator of the organization also does not know what data is kept in the cloud area, and if he accesses the data, he is easily caught during auditing. Hence, only authorized users can access and use the data, and we can mitigate insider attacks by providing restricted privileges.

    Too Much of a Good Thing? An Investigation of the Negative Consequences of Information Security in a Healthcare Setting

    Information security is becoming a prime concern for individuals and organizations. This is especially true in healthcare settings, where widespread adoption of integrated health information systems means that a vast amount of highly sensitive information on patients is accessible through many interaction points across the care delivery network. In this research in progress, we seek to uncover how individuals react when they perceive that their security environment is stressful. To do so, we conducted a case study using an inductive approach based on semi-structured interviews with 41 participants. The preliminary analysis of some of our interviews showed that too much security in a health setting can bring negative consequences such as evoking negative emotions in users toward the system, increased dissatisfaction, and an increase in inappropriate workarounds, which can lead to ineffective usage of the system and eventually put patients’ health at risk.

    Insider Threats to Information Systems

    There are few, if any, organizations immune to the adverse and costly effects of successful information system attacks. As reliance on information systems continues to increase, organizations must continue to implement effective computer security measures to maintain their operability. This paper focuses on internal attacks executed by those individuals within the organization who have authorized access to information systems and behave in an unethical manner. We examine the categorization of insiders and the motives and psychological profiles behind their destructive behavior, and conclude with a discussion of several measures that organizations can implement in order to detect and defend against insider threats.

    Stopping Insiders before They Attack: Understanding Motivations and Drivers

    Insider attacks are able to evade traditional security controls because the perpetrators of the attack often have legitimate access to protected systems and data. Massive logging of user online activity data (e.g. file access or transfer, use of data storage devices, email records) is collected and analyzed to detect insider attacks (e.g. data theft, fraud, policy violation, etc.). Such techniques are fraught with drawbacks and limitations: 1) the proverbial “needle in a haystack” problem, where very little useful information is found in massive data sets, especially where the incidence of malicious insider activities is very small compared to that of legitimate actors; 2) employee privacy issues may exist about the company monitoring employee behavior; and 3) these techniques are largely wanting in their accuracy, leading to notably high false positive rates. Perhaps the most salient limitation of these techniques is that the analyses are post-hoc, and by the time the activity is detected, the insider has already engaged in data theft or exfiltration, the impact of which may not be reversible. This paper discusses the concept of using probes for detection of threats, wherein user intentions to engage in insider attacks can be gauged by sending carefully designed probes that rouse malicious users into acting. In this research, we seek a broad understanding of the scope and relevance of such probes. There are various motivations for users to steal data, including financial gain, patriotic fervor, and disgruntlement with work. In the present experiment, we created simulated conditions to reflect common insider motivations by providing subjects with imagined scenarios, then asking them to take the perspective of insiders in those scenarios, and explicate their actions through a series of structured questions that mimic our probes. The results show the effect of different scenarios in motivating the users, and the effectiveness of different probes in eliciting their actions.

    Improving the Information Security Model by using TFI

    In the context of information systems and information technology, information security is a concept that is becoming widely used. The European Network of Excellence INTEROP classifies information security as a nonfunctional aspect of interoperability and as such it is an integral part of the design process for interoperable systems. In the last decade, academics and practitioners have shown their interest in information security, for example by developing security models for evaluating products and setting up security specifications in order to safeguard the confidentiality, integrity, availability and accountability of data. Earlier research has shown that measures to achieve information security at the administrative or organisational level are missing or inadequate. Therefore, there is a need to improve information security models by including vital elements of information security. In this paper, we introduce a holistic view of information security based on a Swedish model combined with a literature survey. Furthermore, we suggest extending this model using concepts based on semiotic theory and adopting the view of an information system as constituted of the technical, formal and informal (TFI) parts. The aim is to increase the understanding of the information security domain in order to develop a well-founded theoretical framework, which can be used both in the analysis and the design phase of interoperable systems. Finally, we describe and apply the Information Security (InfoSec) model to the results of three different case studies in the healthcare domain. Limits of the model will be highlighted and an extension will be proposed.
    Monograph's chapter