차이
문서의 선택한 두 판 사이의 차이를 보여줍니다.
양쪽 이전 판이전 판다음 판 | 이전 판다음 판양쪽 다음 판 | ||
awareness [2013/07/08 08:16] – 220.71.11.86 | awareness [2013/08/01 07:48] – [정보보안 인식 개요] wiki1122 | ||
---|---|---|---|
줄 2: | 줄 2: | ||
===== 정보보안 인식(Security awareness) ===== | ===== 정보보안 인식(Security awareness) ===== | ||
- | (출처 : wikipedia)\\ | ||
- | 보안 인식은 물리적이고 특별한 조직의 특별한 정보자산의 보호에 관련하여 조직 구성원의 지식과 태도를 말한다. | ||
- | 정보인식 | + | ==== 정보보안 |
- | + | ||
- | * The nature of sensitive material and physical assets they may come in contact with, such as trade secrets, privacy concerns and government classified information | + | |
- | * Employee and contractor responsibilities in handling sensitive information, | + | |
- | * Requirements for proper handling of sensitive material in physical form, including marking, transmission, | + | |
- | * Proper methods for protecting sensitive information on computer systems, including password policy and use of two-factor authentication | + | |
- | * Other computer security concerns, including malware, phishing, social engineering, | + | |
- | * Workplace security, including building access, wearing of security badges, reporting of incidents, forbidden articles, etc. | + | |
- | * Consequences of failure to properly protect information, | + | |
- | + | ||
- | ---- | + | |
\\ | \\ | ||
(techtarget.com)\\ | (techtarget.com)\\ | ||
- | Security awareness training is a formal process for educating employees about computer security. | + | Security awareness training is a formal process for educating employees about computer security.\\ |
+ | A good security awareness program should educate employees about corporate policies and procedures for working with information technology (IT). Employees should receive information about who to contact if they discover a security threat and how to handle confidential information. Regular training is particularly necessary in organizations with high turnover rates and those that rely heavily on contract or temporary staff. | ||
+ | |||
+ | \\ | ||
+ | 보안인식 훈련은 컴퓨터 보안을 교육하는 정식과정이다. | ||
+ | 좋은 프로그램은 직원들에게 IT기술을 활용하는 업무에 대한 회사정책과 절차를 교육해야 한다.\\ | ||
+ | [NIST 보안인식훈련 가이드 [[http:// | ||
+ | ---- | ||
- | A good security | + | * [[:awareness: |
- | The National Institute of Standards and Technology (NIST) has an excellent publication with templates and guides for what should go into a security awareness training program. The 70-page document is available for free in PDF format from the institute' |