• Login
    View Item 
    •   SU+ Home
    • Research and Publications
    • Faculty of Information Technology (FIT)
    • FIT Projects, Theses and Dissertations
    • MSIT Theses and Dissertations
    • MSIT Theses and Dissertations (2013)
    • View Item
    •   SU+ Home
    • Research and Publications
    • Faculty of Information Technology (FIT)
    • FIT Projects, Theses and Dissertations
    • MSIT Theses and Dissertations
    • MSIT Theses and Dissertations (2013)
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    Cost based data security model for organizations

    Thumbnail
    View/Open
    Thesis (1.914Mb)
    Date
    2013
    Author
    Maroria, Ezra
    Metadata
    Show full item record
    Abstract
    As information systems threat environment continue to escalate and change, the focus on information security shifts towards effectiveness and efficiency of security countermeasure. Organizations continue to suffer the consequences of data breach with many paying high fines, loosing important data, reputation damages and even others going entirely out of business. This scenario has led to organizations layering security countermeasures one upon another from logical to physical and administrative controls to ensure they protect their assets. Ensuring strong information security is resource consuming and very costly given the limited security budget. On the other hand different information/data requires different security level depending on its nature or classification. For example some information may require basic security level because of its less sensitive nature, while others may require higher protection level because of their highly sensitive nature. This demands that information security spending be reviewed as thoroughly as other management decisions. In this research, using a qualitative and quantitative research methodology, various ways of data classification are identified, these include; classification based on type of data, owner, value of data, sensitivity of data, legal and regulatory requirement, user needs etc. The research also investigates various data security requirement and problems. Those identified include; the CIA, legal requirements, data response, utility, accountability and privacy. On data problems, networked environment, users related challenges, complexity of computing tools and integrated environments, E-commerce issues, poor data security governance and internet are identified as key challenges. The research also involves analysis of data security models where gaps and deficiencies are identified. A cost based data security model for implementing security based on data security requirements for different class of data is developed. This model is a step towards data security control costs identification and optimization where data security is implementation is informed by the data security needs.
    URI
    http://hdl.handle.net/11071/2346
    Collections
    • MSIT Theses and Dissertations (2013) [30]

    DSpace software copyright © 2002-2016  DuraSpace
    Contact Us | Send Feedback
    Theme by 
    Atmire NV
     

     

    Browse

    All of SU+Communities & CollectionsBy Issue DateAuthorsTitlesSubjectsThis CollectionBy Issue DateAuthorsTitlesSubjects

    My Account

    Login

    DSpace software copyright © 2002-2016  DuraSpace
    Contact Us | Send Feedback
    Theme by 
    Atmire NV