How do you make information security user friendly?
Section snippets
The past and the present
The security of the information assets is a requirement for all types of organisation, whether to protect the business or to meet legal or regulatory requirements. The security of information is not a new problem that has arisen with the increasing use of computing to process store and transmit information, it is just an old problem in a new environment. Before computers, we had filing cabinets, storage vaults and safes that valuable organisational information was stored in. To protect this
A new approach
It is clear from the number of reported information security breaches and the level of identity theft that the current approach is not effective. One approach that might improve the way users perceive information security would be to reverse the current trend of obfuscating the processes on the computer and make the security processes more visible to them. This would shift the balance from the computer being used as a tool that dealt with all of the security issues in the background but would
Conclusions
While the security functionality of Information and Communications Technologies (ICT) remains hidden from the user with the exception of hard to understand or meaningless messages and punitive actions, there is little chance that the perception of information security will improve. It is possible that with effort from a range of groups from system developers to people with a good knowledge of security and training course developers, that the way in which people perceive security can be
References (2)
- et al.
A comparison of Commercial and Military computer security Policies
(1987) Economics, psychology, and sociology of security