인식제고 관리

(출처 : wikipedia)
보안 인식은 물리적이고 특별한 조직의 특별한 정보자산의 보호에 관련하여 조직 구성원의 지식과 태도를 말한다.

정보인식 훈련에 포함할 내용 :

• The nature of sensitive material and physical assets they may come in contact with, such as trade secrets, privacy concerns and government classified information
• Employee and contractor responsibilities in handling sensitive information, including review of employee nondisclosure agreements
• Requirements for proper handling of sensitive material in physical form, including marking, transmission, storage and destruction
• Proper methods for protecting sensitive information on computer systems, including password policy and use of two-factor authentication
• Other computer security concerns, including malware, phishing, social engineering, etc.
• Workplace security, including building access, wearing of security badges, reporting of incidents, forbidden articles, etc.
• Consequences of failure to properly protect information, including potential loss of employment, economic consequences to the firm, damage to individuals whose private records are divulged, and possible civil and criminal penalties