Framework for Digital Data Access Control from Internal Threat in the Public Sector

Apply

Framework for Digital Data Access Control from Internal Threat in the Public Sector

Journal Title: International Journal of Advanced Computer Science & Applications - Year 2019, Vol 10, Issue 8

Abstract

Information management is one of the main challenges in the public sector because the information is often exposed to threat risks, particularly internal ones. Information theft or misuse, which is attributed to human factors, affects the reputation of public sector organizations due to the loss of public trust in the security and confidentiality of the information and personal data that are hacked by internal parties. Most studies focus on general problem solving related to internal threats instead of digital personal data protection. Therefore, this study identifies the main security control elements for personal data access in the public sector, including information security management, human resource security, operational security, access control, and compliance. A comprehensive framework is developed based on the identified security control elements and validated using a case study. Data are collected using interview, observation, and document analysis techniques. The findings contribute to the management of information system security through a systematic approach to controlling internal threats in the public sector. This framework can serve as a guideline for the public sector in managing internal threats to reduce security incidents involving unauthorized access to digital personal data.

Authors and Affiliations

Haslidah Halim, Maryati Mohd Yusof

Keywords

Information management; internal threats; control framework; risk; information security; personal data access

EP ID EP626546
DOI 10.14569/IJACSA.2019.0100809
Views 64
Downloads 0