Affiliation:
1. Podolsk State Agrarian Technical University, Podolsk, Ukraine
Abstract
The necessity of formation of an effective information security system of the enterprise is substantiated. It is emphasized that when designing an information policy, the firm must comply with the requirements of the current legislation, take into account the level of technical support, especially the regulation of employees' access to confidential information, etc. It is stated that the costs of organizing information security measures should be appropriate to its value.
The article identifies major threats that could be breached by confidential information. The list of the main normative legal acts aimed at bringing to civil, administrative and criminal responsibility for illegal collection, disclosure and use of information constituting a trade secret. The main stages of building an information security policy are summarized, the most common types of information threats related to the use of modern computer technologies are described.
The necessity of developing a domestic original accounting (management) program that could be used in the long term by the vast majority of Ukrainian enterprises is pointed out.
There are three groups of tools that are applied in the theory and practice of information security of the enterprise (active, passive and combined), emphasizing the need for planning and continuous monitoring in real time of all important processes and conditions that affect data security.
It is noted that even if the information security system is built taking into account all modern methods and means of protection, it does not guarantee one hundred percent protection of the information resources of the enterprise, but a well-designed information security policy allows to minimize the corresponding risks.
Key words: information security, information policy, information security, confidential information, information threats, information and communication technologies, software.
Publisher
The Bila Tserkva National Agrarian University
Reference21 articles.
1. Mykytenko T.V., Petrovska I.O., Rohov P.D. (2014). Problemy informatsiinoi bezpeky subiektiv hospodariuvannia v Ukraini ta mozhlyvi shliakhy yikh vyrishennia v suchasnykh umovakh [Problems of informative safety of subjects of menage in Ukraine and possible ways of their decision are in modern terms]. Zbirnyk naukovykh prats Tsentru voienno-stratehichnykh doslidzhen Natsionalnoho universytetu oborony Ukrainy imeni Ivana Cherniakhovskoho [Collection of scientific works of Center of military-strategic researches of the National university of defensive of Ukraine of the name of Ivan Cherniakhovskii], no 1, pp. 24-31. Available at: http://journals.uran.ua/index.php/2304-2699/article/view/126694
2. Pecheniuk A.V. (2015). Problemy orhanizatsii efektyvnoho zakhystu informatsii [Problems of organization of effective protection of information]. Bukhhalterskyi oblik, kontrol ta analiz v umovakh instytutsionalnykh zmin ta staloho ekonomichnoho rozvytku [Accounting, control and analysis in the face of institutional change and sustainable economic development]: materialy II mizhnar. nauk.-prakt. internet-konf. 25 lystopada 2015 r. Ternopil, Krok, pp. 129-133.
3. Pro informatsiiu: Zakon Ukrainy [On Information]. Law of Ukraine. Available at: https://zakon.rada.gov.ua/laws/show/2657-12.
4. Pro zakhyst informatsii v informatsiino-telekomunikatsiinykh systemak: Zakon Ukrainy [On Information Protection in Information and Telecommunication Systems]. Law of Ukraine. Available at: https://zakon.rada.gov.ua/laws/show/80/94-%D0%B2%D1%80.
5. Pro rishennia Rady natsionalnoi bezpeky i oborony Ukrainy vid 27 sichnia 2016 roku. Pro Stratehiiu kiberbezpeky Ukrainy Ukaz Prezydenta Ukrainy. [On the Decision of the National Security and Defense Council of Ukraine of January 27, 2016. On the Cybersecurity Strategy of Ukraine]. Presidential Decree. Available at: https://zakon5.rada.gov.ua/laws/show/96/2016.
Cited by
2 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献