Estratégia de segurança da informação em empresas de desenvolvimento de software para dispositivos móveis
| Ano de defesa: | 2013 |
|---|---|
| Autor(a) principal: | |
| Orientador(a): | |
| Banca de defesa: | |
| Tipo de documento: | Dissertação |
| Tipo de acesso: | Acesso aberto |
| Idioma: | por |
| Instituição de defesa: |
Universidade Estadual de Maringá
Brasil Departamento de Informática Programa de Pós-Graduação em Ciência da Computação UEM Maringá, PR Centro de Ciências de Tecnologia |
| Programa de Pós-Graduação: |
Não Informado pela instituição
|
| Departamento: |
Não Informado pela instituição
|
| País: |
Não Informado pela instituição
|
| Palavras-chave em Português: | |
| Link de acesso: | http://repositorio.uem.br:8080/jspui/handle/1/2514 |
Resumo: | With advances in the areas of telecommunication, computing and miniaturization of computers new technology products were developed and quickly became key points to new approaches for communication and business strategies. And with the current state of the business world where you have the growing use of technology to reduce costs and increase productivity, software development companies have ported their applications to mobile platforms given the current market. However as organizations acquire mobile solutions, new attributes and features are identified to be suitable for both the development of software for mobile devices like the security of information, as new risks and challenges and urged the company managers. Among these new risks and challenges is the need for information security management to address the peculiarities of companies in the context of software development for mobile devices. This paper presents a strategy for information security in companies developing software for mobile devices that aims to assist information security protecting its main assets. The strategy involves a framework with themes that include project management, mobile technologies and aspects of information security, addressing elements to ensure the security of information such as the interpretation of the ISO 27001 definition of project scope, preparing the SGSI , survey and risk analysis, training and development of standards and procedures for security and business continuity management. The evaluation of the strategy followed the principles of software engineering from the perspective of experimental information security managers. |