{"title":"Service desk link into IT asset disposal: A case of a discarded IT asset","authors":"A. Adesemowo, Kerry Thompson","doi":"10.1109/ICASTECH.2013.6707517","DOIUrl":null,"url":null,"abstract":"With the advent of Big Data and strategic investment into complex best-in-breed Governance, Risk, Compliance initiative, and the imminent introduction of Protection of Personal Information Bill in South Africa, are organizations in control of Information Technology Asset throughout its useful life. We look at oversight over IT Asset interface with IT Service Desk support function. Intruders like flowing water will explore the weakest opening much like a chain with the weakest link. In so far sound an organization's information security and internal controls are; it takes just the non-effectiveness or non-existence of a control, such as during IT Asset disposal for a vulnerability to be exploited and a breach to occur. This paper illustrates our finding from forensic analysis of a disposed IT Asset and discovered that we are far from improper disposal and its attendant risk. In actual fact, we are able to link improper disposal to lack of integration between IT Service Desk and IT Asset Disposal. We conclude by outlining considerations an organization should consider in integrating IT asset disposal with IT service desk.","PeriodicalId":173317,"journal":{"name":"2013 International Conference on Adaptive Science and Technology","volume":"174 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Conference on Adaptive Science and Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICASTECH.2013.6707517","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
With the advent of Big Data and strategic investment into complex best-in-breed Governance, Risk, Compliance initiative, and the imminent introduction of Protection of Personal Information Bill in South Africa, are organizations in control of Information Technology Asset throughout its useful life. We look at oversight over IT Asset interface with IT Service Desk support function. Intruders like flowing water will explore the weakest opening much like a chain with the weakest link. In so far sound an organization's information security and internal controls are; it takes just the non-effectiveness or non-existence of a control, such as during IT Asset disposal for a vulnerability to be exploited and a breach to occur. This paper illustrates our finding from forensic analysis of a disposed IT Asset and discovered that we are far from improper disposal and its attendant risk. In actual fact, we are able to link improper disposal to lack of integration between IT Service Desk and IT Asset Disposal. We conclude by outlining considerations an organization should consider in integrating IT asset disposal with IT service desk.
随着大数据的出现和对复杂的最佳治理、风险、合规计划的战略投资,以及南非即将出台的《个人信息保护法案》,在信息技术资产的整个使用寿命中,组织都在控制着信息技术资产。我们着眼于对IT资产接口与IT服务台支持功能的监督。像流水一样的入侵者会探索最薄弱的开口,就像一条带有最薄弱环节的链条。到目前为止,一个组织的信息安全和内部控制是健全的;它只需要控制无效或不存在,例如在it资产处置期间,就可以利用漏洞并发生破坏。本文阐述了我们对处置的IT资产进行法医学分析的发现,并发现我们远离了不当处置及其伴随的风险。实际上,我们能够将不当的处理与IT Service Desk和IT Asset disposal之间缺乏集成联系起来。最后,我们概述了组织在将IT资产处置与IT服务台集成时应该考虑的事项。
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
