| | SLO | ENG | Cookies and privacy

Bigger font | Smaller font
First page > Show document

Show document Help

Title:Implementacija informacijsko varnostne politike in zagotavljanje ozaveščenosti zaposlenih v UKC Maribor
Authors:ID Jahić, Alem (Author)
ID Brezavšček, Alenka (Mentor) More about this mentor... New window
Files:.pdf MAG_Jahic_Alem_2025.pdf (3,45 MB)
MD5: E405AB5E579B7AFD008C4FDD31D2B05E
 
Language:Slovenian
Work type:Master's thesis/paper
Typology:2.09 - Master's Thesis
Organization:FOV - Faculty of Organizational Sciences in Kranj
Abstract:Magistrsko delo obravnava zagotavljanje informacijske varnosti v UKC Maribor z namenom zagotavljanja neprekinjenega poslovanja in zmanjšanja možnosti varnostnih incidentov s poudarkom na skrbnem varovanju podatkov o pacientih. Informacijska varnost v zdravstvu sloni predvsem na zaposlenih, saj prav oni vsak dan delajo s podatki pacientov. Problem zagotavljanja informacijske varnosti v UKC Maribor na eni strani rešujemo s tehničnimi rešitvami, kot so požarnimi zidovi, protivirusna zaščita, posodobljena strojna in programska oprema itd. Na drugi strani so neozaveščeni uporabniki, ki so lahko vstopna točka za kibernetske napade, zato je ozaveščanje uporabnikov eden ključnih dejavnikov pri zagotavljanju informacijske varnosti. Za raziskavo smo pripravili anketni vprašalnik, ki je bil anketirancem deljen s pomočjo orodja za spletno anketiranje 1KA. Statistično obdelavo podatkov smo izvedli s pomočjo programskih paketov Excel in SPSS. Druga faza raziskave je obsegala simulacijo napada na osnovi socialnega inženiringa, ki je bil izveden z uporabo namensko pripravljenih USB ključkov. Poglavitni rezultati raziskave kažejo, da je na podlagi samoocene poznavanja obstoječe varnostne politike in ozaveščenosti na področju informacijske varnosti zaposlenih v UKC Maribor stanje sprejemljivo. Nadaljnji rezultati anketne raziskave in simulacije napada z USB ključki pa kažejo, da je stanje ravno nasprotno. Na podlagi teh rezultatov smo pripravili portal za ozaveščanje o informacijski/kibernetski varnosti, s katerim bomo izboljšali informacijsko ozaveščenost.
Keywords:informacijska varnost, varnostna politika, zdravstvo, socialni inženiring
Place of publishing:Kranj
Year of publishing:2025
PID:20.500.12556/DKUM-91539 New window
COBISS.SI-ID:231876611 New window
Publication date in DKUM:08.04.2025
Views:0
Downloads:46
Metadata:XML DC-XML DC-RDF
Categories:FOV
:
Copy citation
  
Average score:(0 votes)
Your score:Voting is allowed only for logged in users.
Share:Bookmark and Share


Hover the mouse pointer over a document title to show the abstract or click on the title to get all document metadata.

Licences

License:CC BY-NC-ND 4.0, Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International
Link:http://creativecommons.org/licenses/by-nc-nd/4.0/
Description:The most restrictive Creative Commons license. This only allows people to download and share the work for no commercial gain and for no other purposes.
Licensing start date:14.01.2025

Secondary language

Language:English
Title:Implementation of information security policy and ensuring employee awareness in UKC Maribor
Abstract:The master's thesis addresses the provision of information security in UKC Maribor with the aim of ensuring business continuity and reducing the possibility of security incidents with an emphasis on the careful protection of patient data. Information security in healthcare relies primarily on employees, as they are the ones who work with patient data every day. The problem of ensuring information security at UKC Maribor is solved on the one hand with technical solutions such as firewalls, anti-virus protection, updated hardware and software, etc. On the other hand, there are uninformed users who can thus enter the point for cyberattacks, making user awareness one of the key factors in ensuring information security. For the research, we prepared a survey questionnaire, which was distributed to the respondents using 1KA online survey tools. Statistical data processing was conducted using Excel and SPSS software packages. The second phase of the research involved a simulation of a social engineering attack, which was executed using specially prepared USB sticks. The main results of the research show that, based on the self-assessed knowledge of the existing security policy and awareness in the field of information security of the employees of UKC Maribor, the situation is acceptable. Further results of the survey and the simulation of an attack with USB sticks show that the situation is exactly the opposite. Based on the results, we developed a portal for information/cyber security awareness, which will improve information awareness.
Keywords:information security, security policy, healthcare, social engineering


Comments

Leave comment

You must log in to leave a comment.

Comments (0)
0 - 0 / 0
 
There are no comments!

Back
Logos of partners University of Maribor University of Ljubljana University of Primorska University of Nova Gorica