The Impact of Unavailability on the Effectiveness of Enterprise Information Security Technologies

Parkin, SE; Yassin, Kassab, R; van, Moorsel, A

doi:10.1007/978-3-540-68129-8_6

The Impact of Unavailability on the Effectiveness of Enterprise Information Security Technologies

Lookup NU author(s): Dr Simon Parkin, Dr Rouaa Yassin Kassab, Professor Aad van Moorsel

Downloads

Full text for this publication is not currently held within this repository. Alternative links are provided below where available.

Abstract

This paper surveys existing enterprise technologies that control access to confidential digital data, and analyzes the impact of system and staff unavailability on the obtained security. The researched technologies allow restrictions to be placed on copying, editing, viewing and printing from within various software applications, provide auditing options and prevent outsider access through encryption. We discuss USB access control solutions, digital rights management software, disk encryption techniques and operating system solutions, respectively. An interesting aspect of the various technologies is their reliance on the cooperation of various people and system components, thus making it vulnerable to unavailability of these people and components. Two opposite effects (security risk and productivity loss) determine the effectiveness of information security technologies, and we analyze the impact of unavailability of resources on both these metrics.