Developing customer need based services in personal security service industry

The purpose of this thesis is to examine how services can be developed and how the voice of the customer can be incorporated to the strategic planning of services. Furthermore, the objective is to investigate the methods of customer need analysis and service bundling. The data is collected from secondary and primary sources by reviewing the existing academic literature and by conducting in-depth interviews and surveys. The main findings of this research indicate that the service development in personal security service industry should be conducted through a formalized process and the process should begin with setting the strategic objectives. Moreover, the voice of the customer should be incorporated into all stages of the development process, especially into the front-end of the process. Furthermore, the information on customer needs should be gathered in a manner tailored for the purposes of service development.

A cyber security architecture for military networks using a cognitive network approach

Cyber security is one of the main topics that are discussed around the world today. The threat is real, and it is unlikely to diminish. People, business, governments, and even armed forces are networked in a way or another. Thus, the cyber threat is also facing military networking. On the other hand, the concept of Network Centric Warfare sets high requirements for military tactical data communications and security. A challenging networking environment and cyber threats force us to consider new approaches to build security on the military communication systems. The purpose of this thesis is to develop a cyber security architecture for military networks, and to evaluate the designed architecture. The architecture is described as a technical functionality. As a new approach, the thesis introduces Cognitive Networks (CN) which are a theoretical concept to build more intelligent, dynamic and even secure communication networks. The cognitive networks are capable of observe the networking environment, make decisions for optimal performance and adapt its system parameter according to the decisions. As a result, the thesis presents a five-layer cyber security architecture that consists of security elements controlled by a cognitive process. The proposed architecture includes the infrastructure, services and application layers that are managed and controlled by the cognitive and management layers. The architecture defines the tasks of the security elements at a functional level without introducing any new protocols or algorithms. For evaluating two separated method were used. The first method is based on the SABSA framework that uses a layered approach to analyze overall security of an organization. The second method was a scenario based method in which a risk severity level is calculated. The evaluation results show that the proposed architecture fulfills the security requirements at least at a high level. However, the evaluation of the proposed architecture proved to be very challenging. Thus, the evaluation results must be considered very critically. The thesis proves the cognitive networks are a promising approach, and they provide lots of benefits when designing a cyber security architecture for the tactical military networks. However, many implementation problems exist, and several details must be considered and studied during the future work.

The consequences of e-HRM on line managers

The purpose of this research was to provide a deeper insight into the consequences of electronic human resource management (e-HRM) for line managers. The consequences are viewed as used information system (IS) potentials pertaining to the moderate voluntaristic category of consequences. Due to the need to contextualize the research and draw on line managers’ personal experiences, a qualitative approach in a case study setting was selected. The empirical part of the research is loosely based on literature on HRM and e-HRM and it was conducted in an industrial private sector company. In this thesis, method triangulation was utilized, as nine semi-structured interviews, conducted in a European setting, created the main method for data collection and analysis. Other complementary data such as HRM documentation and statistics of e-HRM system usage were utilized as background information to help to put the results into context. E-HRM has partly been taken into use in the case study company. Line managers tend to use e-HRM when a particular task requires it, but they are not familiar with all the features and possibilities which e-HRM has to offer. The advantages of e-HRM are in line with the company’s goals. The advantages are e.g. an transparency of data, process consistency, and having an efficient and easy-to-use tool at one’s disposal. However, several unintended, even contradictory, and mainly negative outcomes can also be identified, such as over-complicated processes, in-security in use of the tool, and the lack of co-operation with HR professionals. The use of e-HRM and managers’ perceptions regarding e-HRM affect the way in which managers perceive the consequences of e-HRM on their work. Overall, the consequences of e-HRM are divergent, even contradictory. The managers who considered e-HRM mostly beneficial to their work found that e-HRM affects their work by providing information and increasing efficiency. Those managers who mostly perceived challenges in e-HRM did not think that e-HRM had affected their role or their work. Even though the perceptions regarding e-HRM and its consequences might reflect the strategies, the distribution of work, and the ways of working in all HRM in general and can’t be generalized as such, this research contributed to the field of e-HRM and it provides new perspectives to e-HRM in the case study organization and in the academic field in general.

Maakaasumarkkinoiden integroimiseen vaikuttavat tekijät Suomessa ja Baltiassa

Tässä työssä tutkitaan, miksi maakaasumarkkinoita integroidaan ja mitkä tekijät ohjaavat Suomen ja Baltian maakaasumarkkinoiden yhdentymiskehitystä. Tutkimuskysymyksiin pyrittiin vastaamaan asiantuntijahaastatteluiden perusteella. EU:n tavoitteena on luoda Eurooppaan toimivat energian sisämarkkinat, ja huolena on ollut esimerkiksi Suomen ja Baltian eristäytyminen muiden EU:n jäsenvaltioiden energiamarkkinoista. Keskeisimmät hyödyt markkinaintegraatiosta ovat toimitusvarmuuden paraneminen vaihtoehtoisten hankintalähteiden myötä sekä suuremman markkinan muodostuminen, jolloin hinnanmuodostus on tehokkaampaa. Markkinoiden integroimiseksi tarvitaan investointeja infrastruktuuriin. Lisäksi markkinoiden integroituessa tulee ottaa käyttöön ENTSOG:n verkkokoodit. Markkinoiden yhdistyminen luo myös uusia liiketoimintamahdollisuuksia.

Enhancing Security of Linux OS against Administrators

Inside cyber security threats by system administrators are some of the main concerns of organizations about the security of systems. Since operating systems are controlled and managed by fully trusted administrators, they can negligently or intentionally break the information security and privacy of users and threaten the system integrity. In this thesis, we propose some solutions for enhancing the security of Linux OS by restricting administrators’ access to superuser’s privileges while they can still manage the system. We designed and implemented an interface for administrators in Linux OS called Linux Admins’ User Interface (LAUI) for managing the system in secure ways. LAUI along with other security programs in Linux like sudo protect confidentiality and integrity of users’ data and provide a more secure system against administrators’ mismanagement. In our model, we limit administrators to perform managing tasks in secure manners and also make administrators accountable for their acts. In this thesis we present some scenarios for compromising users’ data and breaking system integrity by system administrators in Linux OS. Then we evaluate how our solutions and methods can secure the system against these administrators’ mismanagement.

New threats - old routines : bureaucratic adaptability in the security policy environment

Within the framework of state security policy, the focus of this dissertation are the relations between how new security threats are perceived and the policy planning and bureaucratic implementation that are designed to address them. In addition, this thesis explores and studies some of the inertias that might exist in the core of the state apparatus as it addresses new threats and how these could be better managed. The dissertation is built on five thematic and interrelated articles highlighting different aspects of when new significant national security threats are detected by different governments until the threats on the policy planning side translate into protective measures within the society. The timeline differs widely between different countries and some key aspects of this process are also studied. One focus concerns mechanisms for adaptability within the Intelligence Community, another on the policy planning process within the Cabinet Offices/National Security Councils and the third focus is on the planning process and how policy is implemented within the bureaucracy. The issue of policy transfer is also analysed, revealing that there is some imitation of innovation within governmental structures and policies, for example within the field of cyber defence. The main findings of the dissertation are that this context has built-in inertias and bureaucratic seams found in most government bureaucratic machineries. As much of the information and planning measures imply security classification of the transparency and internal debate on these issues, alternative assessments become limited. To remedy this situation, the thesis recommends ways to improve the decision-making system in order to streamline the processes involved in making these decisions. Another special focus of the thesis concerns the role of the public policy think tanks in the United States as an instrument of change in the country’s national security decision-making environment, which is viewed from the perspective as being a possible source of new ideas and innovation. The findings in this part are based on unique interviews data on how think tanks become successful and influence the policy debate in a country such as the United States. It appears clearly that in countries such as the United States think tanks smooth the decision making processes, and that this model with some adaptations also might be transferrable to other democratic countries.