Email security policy implementation in multinational organisations with special reference to privacy laws
- Authors: Dixon, Henry George
- Date: 2003
- Subjects: Electronic mail systems -- Security measures , Privacy, Right of , Electronic mail systems -- Management , Electronic mail systems -- Law and legislation
- Language: English
- Type: Thesis , Masters , MTech (Business Information Systems)
- Identifier: vital:10790 , http://hdl.handle.net/10948/229 , Electronic mail systems -- Security measures , Privacy, Right of , Electronic mail systems -- Management , Electronic mail systems -- Law and legislation
- Description: In 1971, scientist Ray Tomlinson sent what is now considered the first email message. It was considered as “nothing short of revolutionary … deserv[ing] a spot in the list of great communication inventions such as the printing press, telegraph and telephone” (Festa, 2001). Whereas email was first used exclusively in the military (Arpanet) and in academic circles, it has now become almost ubiquitous, used widely for private, as well as for business correspondence. According to a Berkeley study (Berkeley, 2000), there were approximately 440 million corporate and personal [e-] mailboxes worldwide in 2001, of which more than a third was corporate mailboxes. As a result of the extensive use of email in the corporate environment, Information Officers have to ensure that the use of email adds business value. In an “always on” market place, the efficiency, immediacy and cost effectiveness of email communication are immediately evident. A study by Ferris Research, quoted by Nchor (2001), shows that there is “an overall productivity gain of US$9000 per employee as they send and receive emails to get projects done.” However, the use of email in the corporate envi-ronment also poses business risks that need to be uniquely addressed. Among these “key business risks” (Surfcontrol, 2001) are security risks, viruses, legal liability, pro-ductivity loss and bandwidth abuse. To address the risks mentioned above and to protect the business value of email, spe-cific policies have to be implemented that address email usage. Information Security Policies are defined in most corporate environments. In a study done by Elron Soft-ware (2001), 83% of respondents who have abused email have company policies regu-lating email usage. There appears to be a gap between policy conception and policy implementation. Various factors inhibit effective policy implementation – ethical, legal and cultural. The implementation of corporate policy becomes especially complex in multinational environments where differing information law Email usage is ubiquitous in the modern business environment, but few companies adequately manage the risks associated with email.
- Full Text:
- Date Issued: 2003
WSP3: a web service model for personal privacy protection
- Authors: Ophoff, Jacobus Albertus
- Date: 2003
- Subjects: Data protection , Computer security , Privacy, Right of
- Language: English
- Type: Thesis , Masters , MTech (Information Technology)
- Identifier: vital:10798 , http://hdl.handle.net/10948/272 , Data protection , Computer security , Privacy, Right of
- Description: The prevalent use of the Internet not only brings with it numerous advantages, but also some drawbacks. The biggest of these problems is the threat to the individual’s personal privacy. This privacy issue is playing a growing role with respect to technological advancements. While new service-based technologies are considerably increasing the scope of information flow, the cost is a loss of control over personal information and therefore privacy. Existing privacy protection measures might fail to provide effective privacy protection in these new environments. This dissertation focuses on the use of new technologies to improve the levels of personal privacy. In this regard the WSP3 (Web Service Model for Personal Privacy Protection) model is formulated. This model proposes a privacy protection scheme using Web Services. Having received tremendous industry backing, Web Services is a very topical technology, promising much in the evolution of the Internet. In our society privacy is highly valued and a very important issue. Protecting personal privacy in environments using new technologies is crucial for their future success. These facts, combined with the detail that the WSP3 model focusses on Web Service environments, lead to the following realizations for the model: The WSP3 model provides users with control over their personal information and allows them to express their desired level of privacy. Parties requiring access to a user’s information are explicitly defined by the user, as well as the information available to them. The WSP3 model utilizes a Web Services architecture to provide privacy protection. In addition, it integrates security techniques, such as cryptography, into the architecture as required. The WSP3 model integrates with current standards to maintain their benefits. This allows the implementation of the model in any environment supporting these base technologies. In addition, the research involves the development of a prototype according to the model. This prototype serves to present a proof-of-concept by illustrating the WSP3 model and all the technologies involved. The WSP3 model gives users control over their privacy and allows everyone to decide their own level of protection. By incorporating Web Services, the model also shows how new technologies can be used to offer solutions to existing problem areas.
- Full Text:
- Date Issued: 2003