| | SLO | ENG | Cookies and privacy

Bigger font | Smaller font

Show document

Title:Unlimited access to information systems with mobile devices : information security perspective
Authors:ID Bernik, Igor (Author)
ID Markelj, Blaž (Author)
Files:.pdf 04_Bernik_Markelj.pdf (884,10 KB)
MD5: A9C8262447396CECC5226117CDF20174
PID: 20.500.12556/dkum/b1fd6b12-9573-40f8-bedb-392ace8eab24
 
URL https://www.fvv.um.si/rv/arhiv/2011-4/04_Bernik_Markelj-E.html
 
Language:English
Work type:Scientific work (r2)
Typology:1.02 - Review Article
Organization:FVV - Faculty of Criminal Justice and Security
Abstract:Purpose: Mobile devices have become an indispensible part of modern communications; they enable easy access to the Internet and also remote manipulation of data stored in corporate information systems. The number of mobile device users is on the rise, but most of them don’t comprehend completely the less obvious functions of these devices. Users also have almost no control over background computer programs, because they run without their knowledge and volition. From the standpoint of information security, a lack of awareness of the risks can seriously compromise the integrity of corporate networks and information systems. The weakest links are users, but also the technology itself. To ensure the functioning and security of information systems, corporations and individual users should learn about protective mechanisms. It is also important that users adhere to implemented (internal) safety regulations. Design/Methods/Approach: We used descriptive and comparative methods, and made an overview of published literature, as well as processes pertaining to the use of mobile devices and related security issues. We compared general elements of information security in regard to the use of mobile devices. Findings: At present mobile devices are more and more frequently used to access information systems. The majority of users are concerned almost exclusively with the question, how to get uninterrupted remote access to data, but far less with security issues. This paper presents some guidelines for achieving and maintaining information security. Research limitations/implications: It has been noted, that this is a time of turbulent development and evolution in the field of mobile devices, and also related security issues, so best practices haven’t been defined yet. Corporations and other organizations have just recently begun defining guidelines to eliminate security breaches through mobile devices, therefore a comparison of their implemented solutions is practically impossible. VS_ Practical implications: We propose guidelines, which can be used to: minimize information security risks posed by mobile devices; evaluate the current state of information security; and implement protective measures against cyber threats encountered by corporations and individual users of mobile devices. Originality/Value: Information security is a relatively new field because mobile devices and remote access to the Internet and data have just recently come into wider use. At the same time security issues and protective measures have stayed largely overlooked. Security threats are many, so it is impervious that users learn more about them and adopt some necessary security measures.
Keywords:information security, blended threats, mobile devices, corporate information systems, business integrity
Year of publishing:2011
Publication status in journal:Published
Article version:Publisher's version of article
Number of pages:str. 406-417
Numbering:Letn. 13, št. 4
PID:20.500.12556/DKUM-76349 New window
UDC:004.056
ISSN on article:1580-0253
COBISS.SI-ID:2306282 New window
NUK URN:URN:SI:UM:DK:1MHIPLAK
Publication date in DKUM:12.05.2020
Views:822
Downloads:45
Metadata:XML RDF-CHPDL DC-XML DC-RDF
Categories:Misc.
:
Kopiraj citat
  
Average score:(0 votes)
Your score:Voting is allowed only for logged in users.
Share:AddThis
AddThis uses cookies that require your consent. Edit consent...

Hover the mouse pointer over a document title to show the abstract or click on the title to get all document metadata.

Record is a part of a journal

Title:Varstvoslovje
Shortened title:Varstvoslovje
Publisher:Ministrstvo za notranje zadeve Republike Slovenije, Visoka policijsko-varnostna šola, Ministrstvo za notranje zadeve Republike Slovenije, Visoka policijsko-varnostna šola, Univerza v Mariboru, Fakulteta za policijsko-varnostne vede, Univerza v Mariboru, Fakulteta za varnostne vede
ISSN:1580-0253
COBISS.SI-ID:99492352 New window

Licences

License:CC BY 4.0, Creative Commons Attribution 4.0 International
Link:http://creativecommons.org/licenses/by/4.0/
Description:This is the standard Creative Commons license that gives others maximum freedom to do what they want with the work as long as they credit the author.
Licensing start date:12.05.2020

Secondary language

Language:Slovenian
Title:Neomejen dostop do informacijskih sistemov z mobilnimi napravami : informacijskovarnostna perspektiva
Abstract:Namen prispevka: Mobilne naprave so postale stalnica vsakodnevnega komuniciranja, dostopa do omrežij in oddaljenega dela s podatki v zaprtih korporativnih informacijskih sistemih. Število uporabnikov se skokovito povečuje, malo uporabnikov pa delovanje naprav razume, prav tako pa nimajo pregleda nad delovanjem elementov naprave za komunikacijo v ozadju, kjer ni potrebna direktna interakcija z uporabnikom. Nepoznavanje, s stališča informacijske varnosti oziroma varne uporabe mobilnih naprav, lahko resno ogrozi informacijski sistem celotne organizacije. Šibka člena pri zagotavljanju informacijske varnosti sta uporabnik in tehnologija. Za zagotavljanje stalnega dela in ustrezno stopnjo varnosti je pomembno poznavanje varnostnih mehanizmov s strani uporabnikov in spoštovanje predpisanih omejitev za varno delo. Metode: Uporabljeni sta bili deskriptivna in primerjalna metoda. Narejen je bil pregled literature in postopkov, ki navajajo rabo mobilnih naprav in njihovo zaščito. Primerjani so bili elementi splošne in varne rabe mobilnih naprav z vidika informacijske varnosti. Ugotovitve: Uporaba mobilnih naprav za oddaljen dostop do informacijskih sistemov je v začetni fazi. Večina organizacij in uporabnikov se ukvarja zgolj z zagotavljanjem dostopa in delom, pozabljajo pa na informacijsko-varnostni vidik. Prispevek predstavlja smernice za vzpostavitev večje stopnje informacijske varnosti. Omejitve/uporabnost raziskave: Zaradi turbolentnega razvoja in sprememb na omenjenem področju je razumevanje uporabe mobilnih naprav v začetni fazi in dostopnost do uspešnih praks (angl. best practices) omejena. Izdelava smernic varne rabe mobilnih naprav in njihovo udejanjanje v praksi je v začetni fazi, zato ni možna primerjalna analiza uspešnosti predlaganih ukrepov. Praktična uporabnost: Predstavljene so smernice varne rabe mobilnih naprav, ocena trenutnega stanja informacijske varnosti in smernice za zaščito pred grožnjami, katerim so izpostavljeni organizacije in posamezniki ob uporabi mobilnih naprav. Izvirnost/pomembnost prispevka: Uporabniki so šele pred kratkim začeli množično uporabljati mobilne naprave za dostopanje do podatkov, zato so nova tudi informacijsko-varnostna vprašanja, vezana na mobilno tehnologijo. Širša raba oddaljenega dostopanja se šele uveljavlja, varnostni postopki in mehanizmi pa so zanemarjeni. Ker se kažejo možnosti zlorabe in uresničenja groženj, pa je pred udejanjanjem pomembno zagotoviti ustrezna znanja in postopke, da ne pride do tega.
Keywords:informacijska varnost, kombinirane grožnje, mobilne naprave, poslovanje


Collection

This document is a part of these collections:
  1. Varstvoslovje

Comments

Leave comment

You must log in to leave a comment.

Comments (0)
0 - 0 / 0
 
There are no comments!

Back
Logos of partners University of Maribor University of Ljubljana University of Primorska University of Nova Gorica