Information Security
Information security is an important concern for businesses. Companies invest significant funds to ensure that buildings and systems are technically secure. Unfortunately many overlook the responsibility that employees have for maintaining information security. This aspect is more difficult to control and is often overlooked. Compounding the problem is the fact that most employees are tethered to their offices by laptops, smart phones, tablet devices and remote access computers. These same devices are also used for personal communication and messagingincluding interactions on social media platforms such as Facebook, Twitter, and YouTube.
Information security is more than a technical domain. It involves human psychology and the desire to keep connected and maintain communications with others on a constant basis. Because enhancing security depends on changing the beliefs, attitudes, and behavior of individuals (and groups), it follows that social psychology can help organizations understand the best way to work with people to achieve this goal.
Based on new threats being identified, a better understanding of what constitutes information security literacy for end users is needed. There is a human element to information security that deals with psychology, motivation, education, and social aspects. There is a need to seek a deeper level of understanding of information security that has become part of daily life of home users and corporate employees because of increased reliance on information systems and the need to maintain electronic security.
Social networking sites in particular have become a huge phenomenon on the Internet and users on these sites are most vulnerable to cybercrime. Social media sites (such as Facebook) are the most visited sites in the world. These sites allow sharing of pictures, music, and videos, and they are a window into the life of individuals of all ages. Because users freely exchange multimedia content, there is huge potential for viruses and other threats to spread throughout the network. In addition to network security threats, the sites also provide a venue conducive to identity theft because the sites encourage users to volunteer personal information and post photos of themselves so information is accessible by all in web space. Most users willingly provide this information without realizing the consequences of such actions.
With thousands of new users joining social networking sites daily, the potential for malicious content to be exchanged greatly increases. Given the nature of these sites, users tend to be highly trusting and less enlightened of the security issues that are present. A deeper understanding of behavioral aspects information security is needed to protect corporate and home systems from malicious threats that have become a part of our daily lives when we use the Internet.
Test your knowledge - Take an Information Security Quiz
Resource links
- ShieldsUp!
- Vulnerability testing for home users.
- Crypto-Gram
- Monthly newsletter that has excellent information on security issues
- Making Security Measurable
- Provide measurable metrics for software vulnerabilities
- Information Security Data Standards
- Include Enumeration, Repository, Collection of resources
- Trace email source from header
- Useful link to determine phishing attempts
