Open Access. Powered by Scholars. Published by Universities.®
Articles 31 - 38 of 38
Full-Text Articles in Entire DC Network
Information Security Governance And Boards Of Directors: Are They Compatible?, Endre Bihari
Information Security Governance And Boards Of Directors: Are They Compatible?, Endre Bihari
Australian Information Security Management Conference
This paper presents a critique of emergent views on the roles of the boards of directors in relation to information security. The analysis highlights several concerns about the separation and validation of proper theory and business assertions of information security at board level. New requirements articulated by industry bodies – represented by a selected group of experts and evident in literature – are compared to the underlying theory of corporate governance to identify possible discrepancies. The discussion shows in particular the importance of staying within the theoretical underpinnings of corporate governance when discussing the topic of governance in general and …
Improving Information Security Management In Nonprofit Organisations With Action, Mark Carey-Smith, Karen Nelson, Lauren May
Improving Information Security Management In Nonprofit Organisations With Action, Mark Carey-Smith, Karen Nelson, Lauren May
Australian Information Security Management Conference
Information security is vital for protecting important assets of organisations, including the information resources and the organisation’s reputation. In Australia, the nonprofit sector makes a significant contribution to society but is under represented in the information security literature. This paper describes research in progress that is investigating and improving information security management in some nonprofit organisations (NPOs), which incorporates a participatory action research methodology. This approach will enhance the skill set likely to be present in Australian nonprofit organisations, producing a more sustainable solution, as well as contributing to the open literature. The Technology Acceptance Model will be utilised as …
Medical Insecurity: When One Size Does Not Fit All, Patricia A. Williams
Medical Insecurity: When One Size Does Not Fit All, Patricia A. Williams
Australian Information Security Management Conference
Security is most commonly seen as a business concept. This is one reason for the poor uptake and implementation of standard security processes in non-business environments such as general medical practice. It is clear that protection of sensitive patient information is imperative yet the overarching conceptual business processes required to ensure this protection are not well suited to this context. The issue of sensitivity of information, together with the expectation that security can be effectively implemented by non-security trained professionals creates an insecure environment. The general security processes used by business, including those for risk assessment, are difficult to operationally …
Evolution Of A Database Security Course: Using Non-Enterprise Teaching Tools, Justin Brown
Evolution Of A Database Security Course: Using Non-Enterprise Teaching Tools, Justin Brown
Australian Information Security Management Conference
This paper examines the issues in delivering a university unit of teaching in database security, examining problems in database environment selection and the ability to provide hands on training for students via oncampus and online modes. Initial problems with Linux and then Windows based enterprise database environments prompted the adoption of Microsoft Access as a database tool that was easier to deliver in-class and online. Though Access is file based and has fundamental flaws in its security implementation (within the enterprise context) it can be tweaked to emulate RDBMS level security, allowing students to see how a properly designed security …
Electronic Surveillance In Hospitals: A Review, Sue Kennedy
Electronic Surveillance In Hospitals: A Review, Sue Kennedy
Australian Information Security Management Conference
This paper focuses on the increasing use of electronic surveillance systems in hospitals and the apparent lack of awareness of the implications of these systems for privacy of the individual. The systems are used for identification and tracking of equipment, staff and patients. There has been little public comment or analysis of these systems with regard to privacy as their implementation has been driven by security issues. The systems that gather this information include video, smart card and more recently RFID systems. The system applications include tracking of vital equipment, labelling of blood and other samples, tracking of patients, new …
Telemedicine And The Digital Door Doctor, Darren Webb, Patricia A. Williams
Telemedicine And The Digital Door Doctor, Darren Webb, Patricia A. Williams
Australian Information Security Management Conference
Telemedicine is changing the way medicine can be practiced, and how medical knowledge is communicated, learnt and researched in today’s technologically oriented society. The adoption of internet based communication has significantly expanded the patients’ ability to access a multitude of world class medical information. Research has shown that patients would welcome the ability to consult a doctor using the same computing tools they use to communicate with family, friends and work colleagues. This paper discusses the use of telemedicine today and how it could be used to access medical services from home. Further, it investigates the incentives and barriers to …
Benchmarking E-Business Security: A Model And Framework, Graeme Pye, Matthew J. Warren
Benchmarking E-Business Security: A Model And Framework, Graeme Pye, Matthew J. Warren
Research outputs pre 2011
The dynamic nature of threats and vulnerabilities within the E-business environment can impede online functionality, compromise organisational or customer information, contravene security implementations and thereby undermine online customer confidence. To negate these problems, E-business security has to become proactive, by reviewing and continuously improving security to strengthen E-business security measures and policies. This can be achieved through benchmarking the security measures and policies utilised within the E-business, against recognised information technology (IT) and information security (IS) security standards.
Information Security: A Misnomer, William Hutchinson
Information Security: A Misnomer, William Hutchinson
Research outputs pre 2011
This paper argues that the definition of 'information' is crucial to the understanding of 'information security'. At present, information security concentrates on the technological aspects of data, computer and network security. This computer-centric approach ignores the fact that the majority of information within an organisation is derived from other sources than computer stored data. The implications for security are that much data can be leaked from an organisation even if the computer and network systems are secured.