Article

Article title SYSTEMS APPROACH TO IMPROVE THE EFFICIENCY AGAINST INSIDER USERS IN THE ORGANIZATION’S INFORMATION SYSTEMS
Authors A.M. Tsybulin, M.N. Svishcheva
Section SECTION I. CONCEPTUAL ISSUES OF INFORMATION SECURITY
Month, Year 12, 2013 @en
Index UDC 004.056.5, 004.89
DOI
Abstract Systematic approach to improving the effectiveness of a struggle against insider activities of the users is suggested in this article. The effectiveness of users’ work with any information during working hours is controlled. Employee performance evaluation aims to compare the actual content, quality, volumes and intensity of work of the personnel with the established norms. To counter the information leaks through the fault of insiders software complex that enables to identify a potentially hazardous actions of users, to evaluate the effectiveness of their functions implementation and to prevent leakage of confidential information has been developed. The results of this software package approbation are presented. The experimental researches have shown, that the program complex reliably identifies users who violate the established security policy and its pro- posed recommendations allow improving the efficiency of their work. Efficiency was increased by 12 %, by blocking the insider activities of users.

Download PDF

Keywords Attack; insider activity; information security; inventory; user efficiency.
References 1. Исследование утечек информации из компаний и госучреждений России 2012 [электронный ресурс] // InfoWatch [Офиц. сайт]. URL: http://www.infowatch.ru/analytics/reports/3073 (дата обращения 03.12.13).
2. Трудовой кодекс Российской Федерации от 30.12.2001 N 197-ФЗ [электронный ресурс] // КонсультантПлюс. URL: http://www.consultant.ru/popular/tkrf/ (дата обращения 03.12.13).
3. Тененко М.И., Пескова О.Ю. Анализ рисков информационной безопасности // Известия ЮФУ. Технические науки. – 2011. – № 12 (125). – C. 49-58.
4. Методы мониторинга и обеспечения безопасности для поддержания работоспособности корпоративной сети [электронный ресурс] // SecurityLab [Офиц. сайт]. URL:
http://www.securitylab.ru/analytics/301808.php (дата обращения 03.12.13).
5. Никишова А.В. Архитектура типовой информационной системы для задачи обнаружения атак // Известия ЮФУ. Технические науки. – 2011. – № 12 (125). – C. 104-110.
6. Цыбулин А.М. Архитектура автоматизированной системы управления информационной безопасностью предприятия // Известия ЮФУ. Технические науки. – 2011. – № 12 (125). – C. 58-64.

Comments are closed.