Abstract
Employees are the greatest threat to an organization's security. Their non-compliance with security policies not only threatens the integrity of the system, it also costs the organization a significant amount of money due to the loss of information or the man-hours spent fixing problems that the user causes. This paper looks at the man-hour cost due to non-compliance at a branch of a large university. We identified what constituted non-compliance and then had the IT staff track the number of hours they spent addressing these problems over a 13-month period. This paper also covers what actions and tools the IT department is using to combat the problem of user non-compliance.
Original language | English (US) |
---|---|
Title of host publication | 32nd Annual ACM SIGUCCS Fall 2004 Conference - Proceedings |
Pages | 47-51 |
Number of pages | 5 |
State | Published - 2004 |
Event | 32nd Annual ACM SIGUCCS Fall 2004 Conference - Baltimore, MD, United States Duration: Oct 10 2004 → Oct 13 2004 |
Other
Other | 32nd Annual ACM SIGUCCS Fall 2004 Conference |
---|---|
Country/Territory | United States |
City | Baltimore, MD |
Period | 10/10/04 → 10/13/04 |
All Science Journal Classification (ASJC) codes
- General Engineering