Publicação

Definition of information systems security policies

Ver documento

Detalhes bibliográficos
Resumo:Information is considered to be the most critical asset in the business world and the management of the risks associated with information must become a pattern practice within the companies [1]. Therefore, the adoption of an Information Systems Security (ISS) policy for the protection of such an asset makes total sense. Organizations handle increasingly larger amounts of information in technological supports, which makes continuously stricter and broader security controls indispensable. The technological process may work as a catalyst for threats but is not alone enough to ensure the effective security of information. Just as if not more important than reaching the appropriate levels of information security within each organization is being able to maintain them. Having software and hardware which contributes to the security of information is not enough. Organizations must also have a security policy and a good security management so as to firmly anchor the efforts to protect the assets of the information system [2]. In order to better understand the concept of ISS policy, it is convenient to distinguish it from concepts such as norms, directives and procedures. Table 1 shows the differences between these concepts.
Autores principais:Lopes, Isabel Maria
Outros Autores:Pereira, João Paulo; Oliveira, Pedro
Assunto:Information security Definition of security policies Information systems security policies
Ano:2017
País:Portugal
Tipo de documento:comunicação em conferência
Tipo de acesso:acesso restrito
Instituição associada:Instituto Politécnico de Bragança
Idioma:inglês
Origem:Biblioteca Digital do IPB
_version_ 1867173074535710720
author Lopes, Isabel Maria
author2 Pereira, João Paulo
Oliveira, Pedro
author2_role author
author
author_facet Lopes, Isabel Maria
Pereira, João Paulo
Oliveira, Pedro
author_role author
contributor_name_str_mv Biblioteca Digital do IPB
country_str PT
creators_json_txt [{\"Person.name\":\"Lopes, Isabel Maria\",\"Person.identifier.orcid\":\"0000-0002-5614-3516\"},{\"Person.name\":\"Pereira, João Paulo\",\"Person.identifier.orcid\":\"0000-0001-9259-0308\"},{\"Person.name\":\"Oliveira, Pedro\",\"Person.identifier.orcid\":\"0000-0001-8346-1694\"}]
datacite.contributors.contributor.contributorName.fl_str_mv Biblioteca Digital do IPB
datacite.creators.creator.creatorName.fl_str_mv Lopes, Isabel Maria
Pereira, João Paulo
Oliveira, Pedro
datacite.date.Accepted.fl_str_mv 2017-01-01T00:00:00Z
datacite.date.available.fl_str_mv 2017-05-08T11:12:56Z
datacite.date.embargoed.fl_str_mv 2017-05-08T11:12:56Z
datacite.rights.fl_str_mv http://purl.org/coar/access_right/c_16ec
datacite.subjects.subject.fl_str_mv Information security
Definition of security policies
Information systems security policies
datacite.titles.title.fl_str_mv Definition of information systems security policies
dc.contributor.none.fl_str_mv Biblioteca Digital do IPB
dc.creator.none.fl_str_mv Lopes, Isabel Maria
Pereira, João Paulo
Oliveira, Pedro
dc.date.Accepted.fl_str_mv 2017-01-01T00:00:00Z
dc.date.available.fl_str_mv 2017-05-08T11:12:56Z
dc.date.embargoed.fl_str_mv 2017-05-08T11:12:56Z
dc.format.none.fl_str_mv application/pdf
dc.identifier.none.fl_str_mv http://hdl.handle.net/10198/14259
dc.language.none.fl_str_mv eng
dc.publisher.none.fl_str_mv Springer International Publishing
dc.rights.cclincense.fl_str_mv http://creativecommons.org/licenses/by/4.0/
dc.rights.none.fl_str_mv http://purl.org/coar/access_right/c_16ec
dc.subject.none.fl_str_mv Information security
Definition of security policies
Information systems security policies
dc.title.fl_str_mv Definition of information systems security policies
dc.type.none.fl_str_mv http://purl.org/coar/resource_type/c_5794
description Information is considered to be the most critical asset in the business world and the management of the risks associated with information must become a pattern practice within the companies [1]. Therefore, the adoption of an Information Systems Security (ISS) policy for the protection of such an asset makes total sense. Organizations handle increasingly larger amounts of information in technological supports, which makes continuously stricter and broader security controls indispensable. The technological process may work as a catalyst for threats but is not alone enough to ensure the effective security of information. Just as if not more important than reaching the appropriate levels of information security within each organization is being able to maintain them. Having software and hardware which contributes to the security of information is not enough. Organizations must also have a security policy and a good security management so as to firmly anchor the efforts to protect the assets of the information system [2]. In order to better understand the concept of ISS policy, it is convenient to distinguish it from concepts such as norms, directives and procedures. Table 1 shows the differences between these concepts.
dirty 0
eu_rights_str_mv restrictedAccess
format conferencePaper
fulltext.url.fl_str_mv https://bibliotecadigital.ipb.pt/bitstreams/94ad62aa-f5f8-4e2d-9209-c3fae9ec3673/download
id ipb_8b236eab71e4b4a5044c403dc6bc016e
identifier.url.fl_str_mv http://hdl.handle.net/10198/14259
instacron_str ipb
institution Instituto Politécnico de Bragança
instname_str Instituto Politécnico de Bragança
language eng
network_acronym_str ipb
network_name_str Biblioteca Digital do IPB
oai_identifier_str oai:bibliotecadigital.ipb.pt:10198/14259
organization_str_mv urn:organizationAcronym:ipb
person_str_mv Lopes, Isabel Maria
Lopes, Isabel Maria
https://www.ciencia-id.pt/8812-AE1C-A316
8812-AE1C-A316
http://orcid.org/0000-0002-5614-3516
0000-0002-5614-3516
Pereira, João Paulo
Pereira, João Paulo
https://www.ciencia-id.pt/8916-6CB8-AEB1
8916-6CB8-AEB1
http://orcid.org/0000-0001-9259-0308
0000-0001-9259-0308
Oliveira, Pedro
Oliveira, Pedro
http://orcid.org/0000-0001-8346-1694
0000-0001-8346-1694
publishDate 2017
publisher.none.fl_str_mv Springer International Publishing
reponame_str Biblioteca Digital do IPB
repository_id_str urn:repositoryAcronym:ipb
service_str_mv urn:repositoryAcronym:ipb
spelling engSpringer International Publishingpt_PTInformation is considered to be the most critical asset in the business world and the management of the risks associated with information must become a pattern practice within the companies [1]. Therefore, the adoption of an Information Systems Security (ISS) policy for the protection of such an asset makes total sense. Organizations handle increasingly larger amounts of information in technological supports, which makes continuously stricter and broader security controls indispensable. The technological process may work as a catalyst for threats but is not alone enough to ensure the effective security of information. Just as if not more important than reaching the appropriate levels of information security within each organization is being able to maintain them. Having software and hardware which contributes to the security of information is not enough. Organizations must also have a security policy and a good security management so as to firmly anchor the efforts to protect the assets of the information system [2]. In order to better understand the concept of ISS policy, it is convenient to distinguish it from concepts such as norms, directives and procedures. Table 1 shows the differences between these concepts.application/pdfpt_PTDefinition of information systems security policiesPersonalLopes, Isabel MariaDSpacehttp://dspace.org/items/111716db-94a0-4c24-b739-330dc2ae79fcDSpacehttp://dspace.org/items/111716db-94a0-4c24-b739-330dc2ae79fcLopesIsabel MariaCiência IDhttps://www.ciencia-id.pt8812-AE1C-A316ORCIDhttp://orcid.org0000-0002-5614-3516Researcher IDhttps://www.researcherid.comA-1728-2014Scopus Author IDhttps://www.scopus.com55211017300Scopus Author IDhttps://www.scopus.com57190212117Scopus Author IDhttps://www.scopus.com57207843433PersonalPereira, João PauloDSpacehttp://dspace.org/items/55b6262f-9aaf-4fd0-8e83-e858a2a92402DSpacehttp://dspace.org/items/55b6262f-9aaf-4fd0-8e83-e858a2a92402PereiraJoão PauloCiência IDhttps://www.ciencia-id.pt8916-6CB8-AEB1ORCIDhttp://orcid.org0000-0001-9259-0308Researcher IDhttps://www.researcherid.comM-8214-2013Scopus Author IDhttps://www.scopus.com23135900800PersonalOliveira, PedroDSpacehttp://dspace.org/items/b2d880bb-278b-489c-aa8f-353cfd99f0faDSpacehttp://dspace.org/items/b2d880bb-278b-489c-aa8f-353cfd99f0faOliveiraPedroORCIDhttp://orcid.org0000-0001-8346-1694HostingInstitutionOrganizationalBiblioteca Digital do IPBe-mailmailto:dspace@ipb.ptdspace@ipb.ptISBNIsPartOf978-3-319-56540-8DOIIsPartOf10.1007/978-3-319-56541-5_232017-05-08T11:12:56Z20172017-01-01T00:00:00ZHandlehttp://hdl.handle.net/10198/14259http://purl.org/coar/access_right/c_16ecrestricted accessInformation securityDefinition of security policiesInformation systems security policies8385914 bytesother research producthttp://purl.org/coar/resource_type/c_5794conference paper2017http://creativecommons.org/licenses/by/4.0/http://purl.org/coar/access_right/c_16ecapplication/pdffulltexthttps://bibliotecadigital.ipb.pt/bitstreams/94ad62aa-f5f8-4e2d-9209-c3fae9ec3673/downloadRecent Advances in Information Systems and Technologies571225234Porto Santo, Madeira, Portugal
spellingShingle Definition of information systems security policies
Lopes, Isabel Maria
Information security
Definition of security policies
Information systems security policies
status SINGLETON
subject.fl_str_mv Information security
Definition of security policies
Information systems security policies
title Definition of information systems security policies
title_full Definition of information systems security policies
title_fullStr Definition of information systems security policies
title_full_unstemmed Definition of information systems security policies
title_short Definition of information systems security policies
title_sort Definition of information systems security policies
topic Information security
Definition of security policies
Information systems security policies
topic_facet Information security
Definition of security policies
Information systems security policies
url http://hdl.handle.net/10198/14259
visible 1