989 resultados para corporate security
Resumo:
Työn tavoitteena oli selvittää mitä toimitilaturvallisuus on, mitkä ovat kohdeyrityksen emoyhtiön vaatimukset toimitilaturvallisuudelle ja mikä on toimitilaturvallisuuden tila diplomityön kohdeyrityksessä. Samalla tarkasteltiin mahdollisuutta toimitilaturvallisuuden mittaamiselle yrityksessä. Työn teoria koskettelee aluksi riskejä ja riskienhallintaa. Yritysriskien kautta siirrytään yritysturvallisuuteen ja erityisesti sen osa-alueista toimitilaturvallisuuteen eli yrityksen fyysiseen turvallisuuteen. Toimitilaturvallisuudesta esitellään sen osa-alueet ja niiden suojauskeinoja. Myös yritysturvallisuuden johtamista, johtamisen kehittämistä, sekä tuon kehityksen seuraamista mittarein käsitellään. Teorian lisäksi esitellään emoyrityksen vaatimukset toimitilaturvallisuudelle. Empiirinen osuus toteutettiin avoimin haastatteluin ja havainnoinnin avulla. Osuudessa tarkasteltiin toimitilaturvallisuuden nykytilaa kohdeyrityksessä verraten sitä teoriaan ja emoyrityksen vaateisiin. Vaikka kohdeyrityksen toimitilaturvallisuus olikin suhteellisen hyvällä mallilla, toimintaehdotuksia eri toimitilaturvallisuuden osa-alueille saatiin useita.
Resumo:
o objetivo deste estudo é identificar as necessidades de conhecimentos específicos dos executivos que tem como função a gerência/direção da área de segurança em uma empresa, e apresentar um modelo de curso de especialização que atenda os anseios destes profissionais. Uma vez que tal curso de especialização é ainda incipiente no Brasil, este estudo basear-se-á em programas de especialização em gerenciamento de segurança empresarial, existentes em universidades americanas, inglesas, espanholas e australianas, servido de modelo a serem adaptados à nossa realidade empresarial, à experiência dos executivos de gestão de segurança das empresas brasileiras e na realidade atual de nosso país em matéria de segurança empresarial. Esperamos através de uma pesquisa descritiva e aplicada, onde faremos uma breve exposição sobre a história da segurança, riscos e sua prevenção e áreas de estudo da segurança, apresentar uma estrutura curricular de um programa de pós-graduação em segurança empresarial, a qual deverá contemplar aspectos gerenciais comuns à qualquer tipo de organização, tais como, finanças, recursos humanos, logística etc; e também os aspectos de prevenção de perdas , tais como, segurança pessoal, do trabalho e meio ambiente,fisica, de informações etc. Esta estnltura deverá também atender às necessidades das empresas brasileiras, dentro da conjuntura atual brasileira, nos aspectos social, político, econômico e cultural.
Resumo:
Attacks to devices connected to networks are one of the main problems related to the confidentiality of sensitive data and the correct functioning of computer systems. In spite of the availability of tools and procedures that harden or prevent the occurrence of security incidents, network devices are successfully attacked using strategies applied in previous events. The lack of knowledge about scenarios in which these attacks occurred effectively contributes to the success of new attacks. The development of a tool that makes this kind of information available is, therefore, of great relevance. This work presents a support system to the management of corporate security for the storage, retrieval and help in constructing attack scenarios and related information. If an incident occurs in a corporation, an expert must access the system to store the specific attack scenario. This scenario, made available through controlled access, must be analyzed so that effective decisions or actions can be taken for similar cases. Besides the strategy used by the attacker, attack scenarios also exacerbate vulnerabilities in devices. The access to this kind of information contributes to an increased security level of a corporation's network devices and a decreased response time to occurring incidents
Resumo:
Increasingly users are seen as the weak link in the chain, when it comes to the security of corporate information. Should the users of computer systems act in any inappropriate or insecure manner, then they may put their employers in danger of financial losses, information degradation or litigation, and themselves in danger of dismissal or prosecution. This is a particularly important concern for knowledge-intensive organisations, such as universities, as the effective conduct of their core teaching and research activities is becoming ever more reliant on the availability, integrity and accuracy of computer-based information resources. One increasingly important mechanism for reducing the occurrence of inappropriate behaviours, and in so doing, protecting corporate information, is through the formulation and application of a formal ‘acceptable use policy (AUP). Whilst the AUP has attracted some academic interest, it has tended to be prescriptive and overly focussed on the role of the Internet, and there is relatively little empirical material that explicitly addresses the purpose, positioning or content of real acceptable use policies. The broad aim of the study, reported in this paper, is to fill this gap in the literature by critically examining the structure and composition of a sample of authentic policies – taken from the higher education sector – rather than simply making general prescriptions about what they ought to contain. There are two important conclusions to be drawn from this study: (1) the primary role of the AUP appears to be as a mechanism for dealing with unacceptable behaviour, rather than proactively promoting desirable and effective security behaviours, and (2) the wide variation found in the coverage and positioning of the reviewed policies is unlikely to be fostering a coherent approach to security management, across the higher education sector.
Resumo:
A szerzők tanulmányukban az információbiztonság egy merőben új, minőségi változást hozó találmányával, a kvantumkulcscserével (QKD-vel – quantum key distribution) foglalkoznak. Céljuk az, hogy az újdonságra mint informatikai biztonsági termékre tekintsenek, és megvizsgálják a bevezetéséről szóló vállalati döntés során felmerülő érveket, ellenérveket. Munkájuk egyaránt műszaki és üzleti szemléletű. Előbb elkülönítik a kvantumkulcscsere hagyományos eljárásokkal szembeni használatának motiváló tényezőit, és megállapítják, milyen körülmények között szükséges a napi működésben alkalmazni. Ezt követően a forgalomban is kapható QKD-termékek tulajdonságait és gyártóit szemügyre véve megfogalmazzák a termék széles körű elterjedésének korlátait. Végül a kvantumkulcscsere-termék bevezetéséről szóló vállalati döntéshozás különböző aspektusait tekintik át. Információbiztonsági és üzleti szempontból összehasonlítják az új, valamint a hagyományosan használt kulcscsereeszközöket. Javaslatot tesznek a védendő információ értékének becslésére, amely a használatbavétel költség-haszon elemzését támaszthatja alá. Ebből levezetve megállapítják, hogy mely szervezetek alkotják a QKD lehetséges célcsoportját. Utolsó lépésként pedig arra keresik a választ, melyik időpont lehet ideális a termék bevezetésére. _____ This study aims to illuminate Quantum Key Distribution (QKD), a new invention that has the potential to bring sweeping changes to information security. The authors’ goal is to present QKD as a product in the field of IT security, and to examine several pro and con arguments regarding the installation of this product. Their work demonstrates both the technical and the business perspectives of applying QKD. First they identify motivational factors of using Quantum Key Distribution over traditional methods. Then the authors assess under which circumstances QKD could be necessary to be used in daily business. Furthermore, to evaluate the limitations of its broad spread, they introduce the vendors and explore the properties of their commercially available QKD products. Bearing all this in mind, they come out with numerous factors that can influence corporate decision making regarding the installation of QKD. The authors compare the traditional and the new tools of key distribution from an IT security and business perspective. They also take efforts to estimate the value of the pieces of information to be protected. This could be useful for a subsequent cost–benefit analysis. Their findings try to provide support for determining the target audience of QKD in the IT security market. Finally the authors attempt to find an ideal moment for an organization to invest in Quantum Key Distribution.
Resumo:
Tässä luomistyössä on esitetty tutkimus informaation suojaamisen menetelmien osalta paikallisissa ja ryhmäkuntaisissa verkoissa. Tutkimukseen kuuluu nykyaikaisten kryptagraafisten järjestelmien, Internetin/Intranetin ohjelmointikeinojen ja pääsyoikeuksien jakelumenetelmien analyysi. Tutkimusten perusteella on laadittu ohjelmiston prototyyppi HTML-tiedostojen suojaamista varten. Ohjelmiston laatimisprosessi on sisältänyt vaatimusten, järjestelmän ja suojelukomponenttien suunnittelun ja protytyypin testauksen. Ohjelmiston realisoinnin jälkeen kirjoitettiin käyttöohjeet. Ohjelmiston prototyyppi suojaa informaatiota HTML-tiedoston koko käytön aikana ja eri yrityksissä voidaan käyttää sitä pienien laajennuksien jälkeen.
Resumo:
Peer-reviewed
Resumo:
The modern business development of China began during 1978 and during the last decades Chinese have created one of the most dynamic and strongest economies in the world. China is now second largest trading power calculated in dollars. The special characteristic of this economic development is that it is not copy of any existing economy, instead the developments have been strongly influenced by the Chinese cultural characteristics. One cultural characteristic, guanxi, which is a “network of services and counter- services” is argued to be major component of successful business in China where these changes of services happen between people but also between companies. Obtaining introductions and the guanxi when doing business in China will give attentive audience and security for companies business. Despite the evidenced importance of guanxi, China´s business environment is rapidly changing towards Western economies, which might then reduce the importance of guanxi. Therefore the current impact of guanxi is a important topic to study. The main purpose of this study is to explore the impact of guanxi for Western big and small sized multinational companies´ business processes when doing business in China. This study looks What is the impact of guanxi in contemporary Chinese business environment for foreign companies doing business in China. Sub-questions in this research focus on what is the impact of guanxi on corporate reputation, management and negotiations. Findings present a mixed view where the importance of guanxi is not anymore critical, especially among younger people in the cities, however guanxi was clearly important outside the cities and when dealing with government officials. Efficient use of guanxi can be extremely profitable especially during early stages of business operations and guanxi plays role when bargaining prices and ensuring product quality from the factories. Therefore guanxi should be considered as essential element for successful business in China.
Resumo:
Regression analysis has shown that recovery rates are determined by a variety of conditions at the time of default. These conditions can be broken into five major categories: (1) a security's seniority within the capital structure of the defaulting firm, (2) the type of default event, (3) firm-specific factors, (4) industry-specific factors, and (5) macroeconomic factors. Expectations of these inputs determine the expected recovery rate if default were to occur, thereby determining credit ratings and security prices. Although it is widely understood how recovery rate estimates influence credit rating assignments (the higher the expected recovery rate, the higher the assigned credit rating), no research, to the best of my knowledge, has investigated the reasons why higher rated securities recover more than lower rated securities in the event of default. Specifically, this paper will empirically investigate why securities originally rated investment grade, fallen angels, recover more than securities originally rated high yield in the event of default.
Resumo:
“Large-scale acquisition of land by foreign investors” is the correct term for a process where the verdict of guilt is often quicker than the examination. But is there something really new about land grab except in its extent? In comparison with colonial and post-colonial plantation operations, should foreign investors today behave differently? We generally accept coffee and banana exports as pro-growth and pro-development, just as for cars, beef and insurance. What then is wrong with an investment contract allowing the holder to buy a farm and to export wheat to Saudi Arabia, or soybeans and maize as cattle feed to Korea, or to plant and process sugar cane and palm oil into ethanol for Europe and China? Assuming their land acquisition was legal, should foreigners respect more than investment contracts and national legislation? And why would they not take advantage of the legal protection offered by international investment law and treaties, not to speak of concessional finance, infrastructure and technical cooperation by a development bank, or the tax holidays offered by the host state? Remember Milton Friedman’s often-quoted quip: “The business of business is business!” And why would the governments signing those contracts not know whether and which foreign investment projects are best for their country, and how to attract them? This chapter tries to show that land grab, where it occurs, is not only yet another symptom of regulatory failures at the national level and a lack of corporate social responsibility by certain private actors. National governance is clearly the most important factor. Nonetheless, I submit that there is an international dimension involving investor home states in various capacities. The implication is that land grab is not solely a question whether a particular investment contract is legal or not. This chapter deals with legal issues which seem to have largely escaped the attention of both human rights lawyers and, especially, of investment lawyers. I address this fragmentation between different legal disciplines, rules, and policies, by asking two basic questions: (i) Do governments and parliaments in investor home countries have any responsibility in respect of the behaviour of their investors abroad? (ii) What should they and international regulators do, if anything?
Resumo:
Federal Transit Administration, Washington, D.C.
Resumo:
Mode of access: Internet.
Resumo:
Federal Transit Administration, Washington, D.C.
