Home // SECURWARE 2011, The Fifth International Conference on Emerging Security Information, Systems and Technologies // View article

End User Computing Environments for Improved Information Security

Authors:
Pankaj Goyal

Keywords: information security; data loss prevention; insider threats; end-user computing environment

Abstract:
Access control does not prevent an authorized “insider” inadvertently or deliberately leaking information to an unauthorized external or internal party. The “insider threat” is one of the greatest threats to enterprise security, and nearly 70% of recently surveyed organizations view Web 2.0 (and by extension cloud computing environments) as a serious data loss risk. The primary focus has been on Data Loss Prevention (DLP) methods to prevent “malicious” data leakage; data leakage includes data loss as well as inadvertent data sharing. In today’s highly interconnected world, with a proliferation of camera equipped cell phones, preventing data loss by a determined insider, possibly in collusion with other insiders is impossible. However, if as multiple analyses of data breaches show, the majority of data breaches (as high as 80% of all data breaches) occur from end-user error then the incidence and resulting loss from data breaches can be significantly reduced. This paper presents a method for organizing the end-user computing (EUC) environment to prevent inadvertent data leakage and, thus, improve information security.

Pages: 115 to 120

Copyright: Copyright (c) IARIA, 2011

Publication date: August 21, 2011

Published in: conference

ISSN: 2162-2116

ISBN: 978-1-61208-146-5

Location: Nice/Saint Laurent du Var, France

Dates: from August 21, 2011 to August 27, 2011