현재 위치: WiKi Security Spirit » 인식제고 관리

차이

문서의 선택한 두 판 사이의 차이를 보여줍니다.

차이 보기로 링크

다음 판		이전 판
awareness [2013/07/08 07:23] – 새로 만듦 220.71.11.86awareness [2024/04/04 05:12] (현재) – 바깥 편집 127.0.0.1
줄 2: 줄 2:
  
 ===== 정보보안 인식(Security awareness) ===== ===== 정보보안 인식(Security awareness) =====
-(출처 : wikipedia)\\ 
-보안 인식은 물리적이고 특별한 조직의 특별한 정보자산의 보호에 관련하여 조직 구성원의 지식과 태도를 말한다.  
  
-정보인식 훈련에 포함할 내용 :+==== 정보보안 인식 개요 ==== 
 +\\ 
 +(techtarget.com)\\ 
 +Security awareness training is a formal process for educating employees about computer security.\\ 
 +A good security awareness program should educate employees about corporate policies and procedures for working with information technology (IT).  Employees should receive information about who to contact if they discover a security threat and how to handle confidential information. Regular training is particularly necessary in organizations with high turnover rates and those that rely heavily on contract or temporary staff.  Confirming how well the awareness program is working can be difficult. The most common metric looks for a downward trend in the number of incidents over time.\\
  
-  * The nature of sensitive material and physical assets they may come in contact with, such as trade secrets, privacy concerns and government classified information +\\ 
-  * Employee and contractor responsibilities in handling sensitive information, including review of employee nondisclosure agreements +보안인식 훈련은 컴퓨터 보안을 교육하는 정식과정이다. 
-  * Requirements for proper handling of sensitive material in physical form, including marking, transmission, storage and destruction +좋은 프로그램은 직원들에게 IT기술을 활용하는 업무에 대한 회사정책과 절차를 교육해야 한다.\\ 
-  * Proper methods for protecting sensitive information on computer systems, including password policy and use of two-factor authentication +[NIST 보안인식훈련 가이드 [[http://csrc.nist.gov/publications/nistpubs/800-50/NIST-SP800-50.pdf|다운로드]]] 
-  * Other computer security concerns, including malware, phishing, social engineering, etc+----
-  * Workplace security, including building access, wearing of security badges, reporting of incidents, forbidden articles, etc. +
-  * Consequences of failure to properly protect information, including potential loss of employment, economic consequences to the firm, damage to individuals whose private records are divulged, and possible civil and criminal penalties+
  
 +  * [[:awareness:정보인식 훈련에 포함할 내용]]
 +
 +
 +===== 인식제고 자료 ===== \\
 +당신의 스마트폰은 안전합니까? \\
 +  * [[:교육자료-1:당신의 스마트폰은 안전합니까?]]
  

추적: