Evaluating the human factor in Information Security
Master thesis
Permanent lenke
https://hdl.handle.net/10642/444Utgivelsesdato
2009Metadata
Vis full innførselSamlinger
Sammendrag
Despite the vast research in Information Security, the human factor has been
found to lack interest from the research community, with most security research
giving focus on the technological component of an Information Technology
system. Regardless of any introduced technological solutions, the human
factor is still subject to attacks and thus, in need of auditing and addressing
any existing vulnerabilities. This research evaluates the human factor by
the creation of a survey which examines five distinct user properties. Each of
these properties comprise a series of questions, which with their turn assist on
confirmation or refutation of five hypotheses. The survey was conducted on
two higher academic institutions and distributed to all members of staff who
have access on electronic information. Results have shown that the human
factor has a significant role in Information Security; it is confirmed that users’
behaviour is linked to technology interaction, data importance perception and
security oriented education. Furthermore, there is evidence that users who are
non vulnerable to various types of attacks, are not necessarily invulnerable to
social engineering attacks.
Beskrivelse
Master i nettverks- og systemadministrasjon
Utgiver
Høgskolen i Oslo. Avdeling for ingeniørutdanningUniversitetet i Oslo