Gestão da informação e do conhecimento no âmbito das práticas de segurança da informação: pessoas, processos e tecnologia
| Ano de defesa: | 2012 |
|---|---|
| Autor(a) principal: | |
| Orientador(a): | |
| Banca de defesa: | |
| Tipo de documento: | Dissertação |
| Tipo de acesso: | Acesso aberto |
| Idioma: | por |
| Instituição de defesa: |
Universidade Federal de Minas Gerais
UFMG |
| Programa de Pós-Graduação: |
Não Informado pela instituição
|
| Departamento: |
Não Informado pela instituição
|
| País: |
Não Informado pela instituição
|
| Palavras-chave em Português: | |
| Link de acesso: | http://hdl.handle.net/1843/ECID-943P97 |
Resumo: | Purpose: This study intends to investigate the interrelation between the human element and the information security in the corporate context, in order to analyze how, why and in which circumstances security failures, that involve people, happen, and also to understand how to deal with them.Approach/Methodology: The proposal is to develop a quali-quantitative study, within the scope of Applied Social Sciences, which may contribute to clarify the interference of the human element in the information security. The aim is to identify user profiles with interrelation with security failures, to understand how frequently technological devices, that may generate loss of information that has value to the company, are used, to find situations in which security failures occur, the nature of security incidents and their reason.Results: From the evaluation of the data, it was possible to conclude that the people element is a critical variable in the informational security management of the organizations. The information policies must be accessible to the employees and possible to be executed. In relation to the technology, it is valid to continue the investments, however they must be balanced with the development of informal controls (people) and formal controls (policies and procedures) so as the informational security management becomes more effective and efficient. |