When trust defies common security sense
When trust defies common security sense
Admin on Sun Jun 07, 2009 9:06 pm
37. Williams PAH., 2008, When trust defies common security sense, DOI: 10.1177/1081180X08092831. Sage Publication.
a. Poor recognition of potential security threats and deficiency in awareness of the ethical dilemmas are apparent in the literature, together with a lack of awareness of legal ramifications of technologically related breaches of patient confidentiality and privacy.
b. This lack of conceptual understanding and Poor Implementation capability significantly contribute to the underestimation of security threats.
c. Contextual factors have been found to contribute significantly to the recognition and success of information security practice.
d. Further. the appraisal and underestimation of threats can potentially be attributed to the underlying culture in the medical context.
e. Interference with workflow and normal work practice can be a major factor in the success or failure of security protection measures. Hence, this research L~~= Investigates the interaction between these factors of understanding, underestimation and had, culture and their resulting effect on information security practice,
f. These were selected as significant factors in security froze the literature and highlight the underlying human Factors in security practice
g. The interviews inquired upon:
i. Demographics; this includes type of Medical practice, system and applications. Information security is contextual and dependent on the manner in which information is used, recorded and shared
ii. Actual Practice; current practice in security is required as a baseline for benchmarking the level of risk and security, and to assess possible change following any intervention.
iii. Issues and barriers; the issues which affect Information security are important. 4 Perceptions. How security issues are perceived in addition to knowledge of security is important.
h. However, during the analysis it was found that trust, capability, cost, time, knowledge (or lack of) poor implementation technique, attitude and inconsistencies were recurrent themes throughout the Interviews and appear to have a major impact on the resulting security implementation profile
i. Further, there is trust that staff responsible for information security are aware of all the responsibilities and possess the relevant knowledge
j. In the analysis of the overall results, it is clear that specific areas of security practice are dealt with poorly. These include:
i. There is no clear delineation of responsibility for security.
ii. Risk assessment is not undertaken
iii. Policy is usually ad hoe and not in written form.
iv. Security measures are often implemented Incorrectly or poorly including monitoring of existing measures.
v. The capability and understanding of staff is in question in regards to security.
vi. Education of staff is required.
vii. More appropriate procedures could be put in place
k. Further, it shows that a culture of trust affects policy formulation, and creates confidence in staff to maintain confidentiality and privacy, and to implement security measures correctly without scrutiny.
a. Poor recognition of potential security threats and deficiency in awareness of the ethical dilemmas are apparent in the literature, together with a lack of awareness of legal ramifications of technologically related breaches of patient confidentiality and privacy.
b. This lack of conceptual understanding and Poor Implementation capability significantly contribute to the underestimation of security threats.
c. Contextual factors have been found to contribute significantly to the recognition and success of information security practice.
d. Further. the appraisal and underestimation of threats can potentially be attributed to the underlying culture in the medical context.
e. Interference with workflow and normal work practice can be a major factor in the success or failure of security protection measures. Hence, this research L~~= Investigates the interaction between these factors of understanding, underestimation and had, culture and their resulting effect on information security practice,
f. These were selected as significant factors in security froze the literature and highlight the underlying human Factors in security practice
g. The interviews inquired upon:
i. Demographics; this includes type of Medical practice, system and applications. Information security is contextual and dependent on the manner in which information is used, recorded and shared
ii. Actual Practice; current practice in security is required as a baseline for benchmarking the level of risk and security, and to assess possible change following any intervention.
iii. Issues and barriers; the issues which affect Information security are important. 4 Perceptions. How security issues are perceived in addition to knowledge of security is important.
h. However, during the analysis it was found that trust, capability, cost, time, knowledge (or lack of) poor implementation technique, attitude and inconsistencies were recurrent themes throughout the Interviews and appear to have a major impact on the resulting security implementation profile
i. Further, there is trust that staff responsible for information security are aware of all the responsibilities and possess the relevant knowledge
j. In the analysis of the overall results, it is clear that specific areas of security practice are dealt with poorly. These include:
i. There is no clear delineation of responsibility for security.
ii. Risk assessment is not undertaken
iii. Policy is usually ad hoe and not in written form.
iv. Security measures are often implemented Incorrectly or poorly including monitoring of existing measures.
v. The capability and understanding of staff is in question in regards to security.
vi. Education of staff is required.
vii. More appropriate procedures could be put in place
k. Further, it shows that a culture of trust affects policy formulation, and creates confidence in staff to maintain confidentiality and privacy, and to implement security measures correctly without scrutiny.
Admin- Admin
- Posts: 68
Join date: 2008-12-14
Age: 41
Location: Dundee UK 
Permissions of this forum:
You cannot reply to topics in this forum
» Aligning Usability and Security: A Usability Study of Polaris
» Security and usability: the case of the user authentication methods
» Evaluation of Tolimac: a secure library management system for controlling access to, and payment for
» An experimental Investigation of the Usability of Transaction Authorization in online Bank Security Systems
» Creating a Worldwide community Security structure using Individually Maintained Home Computers
» When trust defies common security sense
» The psychology of everyday things
» Comparing customer trust in virtual salespersons with customer trust in human salespersons