{"title":"实时取证分析:违反业务安全策略","authors":"G. Tanwar, A. S. Poonia","doi":"10.1109/IC3I.2014.7019695","DOIUrl":null,"url":null,"abstract":"Many more corporate entities today are utilizing ICTs to identify opportunities for innovative and customer-centric, value-added products and services. Indeed, information systems have been key characteristic of any growing and successful businesses, as they utilize ICTs for business value creation. The key motivation for the huge investment in IT infrastructures is to ensure an upsurge in revenue and retention of sizeable market share. Computer Usage policy is a document that provides guidelines that regulates the acceptable usage of these systems by end- users. The provision of these guidelines also serve as benchmark metrics in assessing the abuse or misuse of corporate information systems. These misuse and/or abuse are referred to as violations of computer usage in this study. 10 users, selected randomly from within each unit of a multi-lateral company, were observed for violations. Live computer forensics techniques utilizing EnCase, Microsoft reporting tools, WinHex, etc., were employed to investigate these violations. Notwithstanding the strict corporate policies, the study revealed that end-users virtually violated all computer usage policies. This paper further analyses and addresses the causes, effects and offers measures to mitigate computer usage violations.","PeriodicalId":430848,"journal":{"name":"2014 International Conference on Contemporary Computing and Informatics (IC3I)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Live forensics analysis: Violations of business security policy\",\"authors\":\"G. Tanwar, A. S. Poonia\",\"doi\":\"10.1109/IC3I.2014.7019695\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Many more corporate entities today are utilizing ICTs to identify opportunities for innovative and customer-centric, value-added products and services. Indeed, information systems have been key characteristic of any growing and successful businesses, as they utilize ICTs for business value creation. The key motivation for the huge investment in IT infrastructures is to ensure an upsurge in revenue and retention of sizeable market share. Computer Usage policy is a document that provides guidelines that regulates the acceptable usage of these systems by end- users. The provision of these guidelines also serve as benchmark metrics in assessing the abuse or misuse of corporate information systems. These misuse and/or abuse are referred to as violations of computer usage in this study. 10 users, selected randomly from within each unit of a multi-lateral company, were observed for violations. Live computer forensics techniques utilizing EnCase, Microsoft reporting tools, WinHex, etc., were employed to investigate these violations. Notwithstanding the strict corporate policies, the study revealed that end-users virtually violated all computer usage policies. This paper further analyses and addresses the causes, effects and offers measures to mitigate computer usage violations.\",\"PeriodicalId\":430848,\"journal\":{\"name\":\"2014 International Conference on Contemporary Computing and Informatics (IC3I)\",\"volume\":\"20 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 International Conference on Contemporary Computing and Informatics (IC3I)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IC3I.2014.7019695\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 International Conference on Contemporary Computing and Informatics (IC3I)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IC3I.2014.7019695","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Live forensics analysis: Violations of business security policy
Many more corporate entities today are utilizing ICTs to identify opportunities for innovative and customer-centric, value-added products and services. Indeed, information systems have been key characteristic of any growing and successful businesses, as they utilize ICTs for business value creation. The key motivation for the huge investment in IT infrastructures is to ensure an upsurge in revenue and retention of sizeable market share. Computer Usage policy is a document that provides guidelines that regulates the acceptable usage of these systems by end- users. The provision of these guidelines also serve as benchmark metrics in assessing the abuse or misuse of corporate information systems. These misuse and/or abuse are referred to as violations of computer usage in this study. 10 users, selected randomly from within each unit of a multi-lateral company, were observed for violations. Live computer forensics techniques utilizing EnCase, Microsoft reporting tools, WinHex, etc., were employed to investigate these violations. Notwithstanding the strict corporate policies, the study revealed that end-users virtually violated all computer usage policies. This paper further analyses and addresses the causes, effects and offers measures to mitigate computer usage violations.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
