Title :
An information-centric approach to data security in organizations
Author :
Ahmad, A. ; Ruighaver, A.B. ; Teo, W.T.
Author_Institution :
Dept. of Inf. Syst., Melbourne Univ., Melbourne, VIC
Abstract :
Many organizations focus on a computing-centric approach to information security whilst neglecting the security of information on paper and amongst personnel This paper presents a model that is both media-independent and information-centric, allowing organizations to pursue an integrated methodology towards analysing risks and providing information protection across all types of media. Using this model to map information flows within business and knowledge processes will quickly show that it will be almost impossible to control all risks, but the resulting detailed risk profile may enable the organization to explore alternative processes with lower risks.
Keywords :
security of data; computing-centric approach; data security; detailed risk profile; information security; information-centric approach; media-independent; Computer networks; Credit cards; Data security; Information analysis; Information security; Information systems; Personnel; Protection; Risk analysis; Technology management;
Conference_Titel :
TENCON 2005 2005 IEEE Region 10
Conference_Location :
Melbourne, Qld.
Print_ISBN :
0-7803-9311-2
DOI :
10.1109/TENCON.2005.301322
