Information and Knowledge Management in the Scope of the Information Security practices: the human factor within Organizations

Authors

  • Luciana Emirena Santos Carneiro Pontifícia Universidade Católica de Minas Gerais - Belo Horizonte - MG
  • Maurício Barcellos Almeida Universidade Federal de Minas Gerais, UFMG, Brasil.

DOI:

https://doi.org/10.5007/1518-2924.2013v18n37p175

Keywords:

Information Security, Information and Knowledge Management, Informational Behavior

Abstract

The security of informational assets has always been a corporate requirement. These assets can be scaled in three main spheres, namely, people, organizational processes and technologies. The internet, the web, the broadcast of networks, and the growing presence of technology both in people's lives and in organizational contexts have caused profound transformations in the intrinsic processes that constitute personal and organizational routines. On the one hand, these changes provided by the technological progress have fostered competitiveness and decentralization; on the other hand, they require better management, control, security and protection for information and knowledge. This article presents the results of an investigation within information security realm, focusing on the human aspects of knowledge and information management related to security practices. Using a quality-quantitative approach, we identify behavioral actions and profiles of employees of a company in the field of healthcare, which reveal some connections with information security failures. We conclude that the human element is a relevant variable, even a critical one, for the management of information security in organizations.

Downloads

Download data is not yet available.

References

ALLEN, B. L. Toward a user-centered approach to information systems. Los Angeles: Academic Press, 1996, 308p.

ALMEIDA, M.B. Aplicação de Ontologias em Segurança da Informação. Fonte, v.4, n.7, p.75-83, 2007.

ANDALÉCIO, A.L.; SOUZA, R.R. Ciência Cognitiva e Ciência da Informação: Paralelos. Inf. Inf., v.13, n.1, p.72- 80, jan./jul.,2008.

BABBIE, E. Métodos de Pesquisa Survey. Tradução Guilherme Cezarino. Belo Horizonte: UFMG, 1999. 519 p.

BARBOSA, R. R. Inteligência Empresarial: uma avaliação de fontes de informação sobre o ambiente organizacional externo. Disponível em: <http://www.dgz.org.br/dez02/Art_03.htm>. Acesso:10 dezembro 2011

BEAUTEMENT, A.; SASSE, M.A. (2010). The Compliance Budget: The economics of user effort in information security. Computer Fraud & Security, v.2009, n.10, Pages 8-12, 2009.

CHOO, C. W. A organização do conhecimento. 2a. ed. São Paulo: SENAC, 2006. 426p.

COLWILL, C. Human factors in information security: The insider threat & Who can you trust these days? Disponível em: <http://www.infosec.co.uk/files/istr_article_on_risk.pdf>. Acesso: 22 janeiro 2010.

DA VEIGA, A.; ELOFF, J.H.P. A framework and assessment instrument for information security culture. Computer & Security, v.29, p.196-207, 2010.

EVERETT, C. Cover Story: Education, Education, Education. Infosecurity, n.6, v.5, p. 14-18, 2008.

GHERNAOUTI-HÉLIE, S. An inclusive information society needs a global approach of information security. Disponível em: <http://ieeexplore.ieee.org/>. Acesso: 15 janeiro 2009.

HUANG, D. L.; RAU, P. L. P.; SALVENDY, G. Perception of information security. Behaviour & Information Technology, v.29, n.3, p. 221- 232, 2010.

KRAEMERA,S.; CARAYON, P.; CLEM, J. Human and organizational factors in computer and information security: Pathways to Vulnerabilities. Computer & Security, v.28, p. 509-520, 2009.

MALHOTRA, N. K. Pesquisa de Marketing: Uma Orientação Aplicada. Porto Alegre: Bookman, 2012. 720p.

MARCHIONINI, G. Digital Library Research and Development. Encyclopedia of Library and Information Science, v.63, p.611-19, 1998.

MEADOW, C. T. Text information retrieval systems. San Diego: Academic Press, 1992. 302p.

NARITA, T.; KITAMURA, Y. Persuasive Conversational Agent with persuasion tactics. LNCS, v. 6137, p.15-26, 2010.

NIEKERK, J.F.V.; SOLMS, R.V. Information Security Culture: A management perspective. Computer &Security, v.29, n.4, p.476-486, 2010.

PEREIRA, F. C. M. Uso de fontes de informação: um estudo em micro e pequenas empresas de consultoria de Belo Horizonte.155f. Mestrado em Ciência da Informação – Escola de Ciência da Informação, Universidade Federal de Minas Gerais, Belo Horizonte, 2006.

RICHARDSON, R. J. Pesquisa social: métodos e técnicas. 3ª Ed. São Paulo: Atlas, 2007

SVEEN, F. O.; TORRES, J. M.; SARRIEGI, J. M. Blind Information Security Strategy. International Journal of Critical infrastructure Protection, v.2, p.95-109, 2009.

WILSON, T.D. Revisiting user studies and information needs. Journal of Documentation, v. 62, p.680-684, 2006b

WILSON, T.D. On user studies and information needs. Journal of Documentation, v. 62, p.658-670, 2006c.

WORKMANN, M. Wisecrackers: A Theory-Grounded Investigation of Phishing and Pretext Social Engineering Threats to Information Security. Journal of American Society of Information Science and Technology, v.59, n.4, p. 662–674, 2007.

Downloads

Published

2013-08-13

How to Cite

CARNEIRO, Luciana Emirena Santos; ALMEIDA, Maurício Barcellos. Information and Knowledge Management in the Scope of the Information Security practices: the human factor within Organizations. Encontros Bibli: revista eletrônica de biblioteconomia e ciência da informação, [S. l.], v. 18, n. 37, p. 175–202, 2013. DOI: 10.5007/1518-2924.2013v18n37p175. Disponível em: https://periodicos.ufsc.br/index.php/eb/article/view/1518-2924.2013v18n37p175. Acesso em: 9 nov. 2024.

Issue

Vol. 18 No. 37 (2013)

Section

Articles

License

Copyright (c) 2013 Luciana Emirena Santos Carneiro, Maurício Barcellos Almeida

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The author must guarantee that:

  • there is full consensus among all the coauthors in approving the final version of the document and its submission for publication.
  • the work is original, and when the work and/or words from other people were used, they were properly acknowledged.

Plagiarism in all of its forms constitutes an unethical publication behavior and is unacceptable. Encontros Bibli has the right to use software or any other method of plagiarism detection.

All manuscripts submitted to Encontros Bibli go through plagiarism and self-plagiarism identification. Plagiarism identified during the evaluation process will result in the filing of the submission. In case plagiarism is identified in a manuscript published in the journal, the Editor-in-Chief will conduct a preliminary investigation and, if necessary, will make a retraction.

This journal, following the recommendations of the Open Source movement, provides full open access to its content. By doing this, the authors keep all of their rights allowing Encontros Bibli to publish and make its articles available to the whole community.

 

Encontros Bibli content is licensed under a Creative Commons Attribution 4.0 International License.

Any user has the right to:

  • Share - copy, download, print or redistribute the material in any medium or format.
  • Adapt - remix, transform and build upon the material for any purpose, even commercially.

According to the following terms:

  • Attribution - You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
  • No additional restrictions - You may not apply legal terms or technological measures that legally restrict others from doing anything that the license permits.
Crossref
Scopus
Google Scholar
Europe PMC