IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

Securing the Extended Enterprise: A Method for Analyzing External Insider Threat

Author(s): Virginia N. L. Franqueira (University of Twente, The Netherlands), André van Cleeff (University of Twente, The Netherlands), Pascal van Eck (University of Twente, The Netherlands) and Roel Wieringa (University of Twente, The Netherlands)
Copyright: 2012
Pages: 28
Source title: Strategic and Practical Approaches for Information Security Governance: Technologies and Applied Solutions
Source Author(s)/Editor(s): Manish Gupta (State University of New York at Buffalo, USA), John Walp (M&T Bank Corporation, USA) and Raj Sharman (State University of New York, USA)
DOI: 10.4018/978-1-4666-0197-0.ch012

Abstract

In extended enterprises, the traditional dichotomy between insiders and outsiders becomes blurred: consultants, freelance administrators, and employees of business partners are both inside and outside of the enterprise. As a consequence, traditional controls to mitigate insider and outsider threat do not completely apply to this group of individuals, and additional or improved solutions are required. The ISO 27002 security standard, recognizing this need, proposes third-party agreements to cover security requirements in B2B relationships as a solution, but leaves open how to realize them to counter security problems of inter-organizational collaboration. To reduce this gap, this chapter presents a method for identifying external insiders and analyzing them from two perspectives: as threats and as possible mitigation. The output of the method provides input for further engineering of third-party agreements related to non-measurable IT security agreements; the authors illustrate the method using a manufacturer-retailer example. This chapter also provides an overview of the external insider threat, consisting of a review of extended enterprises and of challenges involved with external insiders.
