1 / 11

SECURITY CONSIDERATIONS FOR COMPUTER PERSONNEL

SECURITY CONSIDERATIONS FOR COMPUTER PERSONNEL. Tom Richards, Steve Guynes and Wayne Spence April 12, 2010. Organization. Introduction Sources of Computer Crime Organizational Climate and Morale Communication Job Satisfaction Job Rotation and Enlargement Employee Training Summary

jerry
Download Presentation

SECURITY CONSIDERATIONS FOR COMPUTER PERSONNEL

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SECURITY CONSIDERATIONS FOR COMPUTER PERSONNEL Tom Richards, Steve Guynes and Wayne Spence April 12, 2010

  2. Organization • Introduction • Sources of Computer Crime • Organizational Climate and Morale • Communication • Job Satisfaction • Job Rotation and Enlargement • Employee Training • Summary • Conclusion

  3. Introduction • Relationship between computer crime and employee management has not received the attention it deserves. • “Employee management” is used in contrast to “Personnel management” • There is a direct relationship between the way employees who work with or have access to the computer are managed and the amount of computer crime occurring within a firm.

  4. Sources of Computer Crime • Management should develop and maintain effective employee management practices that will discourage criminal activities • Management must become concerned not only with hiring of well trained, dependable personnel, but also ensure that these people remain individuals of integrity by treating them in a manner which promotes this desired behavior. • Good employee management policies can serve as preventative measures in reducing the risk of computer crime

  5. Organizational Climate and Morale • Employee management strategies include • Management's increased awareness of the prevailing climate and attitudes of its personnel • Improved communication between management and its employees • Maintenance of a good working environment in which there is little motivation to breach security system • Management can become aware of the climate within an organization by • Grapevine (Unofficial path of verbal communication) • An open door policy that encourages feedback • Observations of attitudes displayed by employees • Establishment of close relations with the personnel department • Staying alert to office politics.

  6. Communication • By increasing interaction , both groups can better understand the needs of the other and thus develop "team spirit“ • It is extremely important that employees feel they are a valuable and contributing part in achieving the organizational and financial goals of their company. • Employee should be given a sense of belonging • While an employee might be hesitant to "inform" on fellow workers while directly interacting with them, an employee leaving the company might have a different attitude (Exit Interview)

  7. Job Satisfaction • Are the needs which motivate personnel working with the computer different from those in other professions? • Survey suggests that DP personnel have a higher need for personal growth than the average • Points to five key factors • Development of a variety of skills • Identity with work, • Task significance, • Autonomy • Feedback. • Major complaints of these employees is related to the limited career paths offered to the technical specialist.

  8. Job Rotation and Enlargement • Major motivating factors in the commission of crime by computer is the challenge involved. • If an employee is challenged sufficiently by his or her job, he/she may feel less compelled to challenge the system • Job rotation : might be implemented by allowing a programmer to perhaps be an application programmer for a year, then a user consultant and then a systems analyst. • Job enlargement: refers to the concept of allowing a person to be responsible for several tasks as opposed to one at a time. • Undetected security breach may be compartmentalized to the duration of the job rotation cycle.

  9. Employee Training • Management can show that they are concerned with employee development by encouraging them to participate in a number of advanced training opportunities. • In addition to gaining knowledge, it will help employees perceive that management is attempting to make their work more meaningful. • This will help to increase the worker's self esteem and sense of pride as well as increase employee morale.

  10. Summary • Security and its relationship to computing personnel is a critical issue • Management must provide an environment in which an otherwise honest person is not tempted to perform illegal acts. • Security measures : Predisposition, motive, and opportunity. • Person's predisposition cannot be guaranteed, one must identify those employees and situations which might lend themselves to the commission of an illegal act. • Effectively remove the motive • Denythe individual an opportunityto conduct illegal acts.

  11. Conclusions • Thank you for your time • Questions and feedback are welcome

More Related