Using System Dynamics to Investigate the Effect of the Information Medium Contact Policy on the Information Security Management

Pei-Chen Sung, Chien-Yuan Su

Abstract


Computer viruses remain the information security threat for business and result a devastating effect on business
continuity and profitability. In order to deploy antivirus countermeasures, it is necessary to understand and
explore the computer virus propagation. This research explored further the users who contact with media and
discuss information security controls, including management and technical. First, we propose the computer
viruses propagation model and analysis from system viewpoint. Second, we explore and evaluate the
effectiveness of preventive countermeasures. Finally, we suggest several considerations for manager to practice.
The simulation results show that users contact with media for network had a significant effect on infection rate
and policy enforcement has powerful influence than firewall on restrain infection rate. Based on these results, we
suggest: (1) information security management policy development takes precedence over the physical security;
(2) it is very important to identify all assets, define the classification of assets, and identify security roles and
responsibilities of employees; (3) it is necessary to audit regularly the configurations and the parameters of
security techniques; (4) the operating system and the application software on hosts and servers should be updated
and patched regularly; (5) the removable storage and removable/mobile access media should be restricted.


Full Text: PDF DOI: 10.5539/ijbm.v8n12p83

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.

International Journal of Business and Management   ISSN 1833-3850 (Print)   ISSN 1833-8119 (Online)

Copyright © Canadian Center of Science and Education

To make sure that you can receive messages from us, please add the 'ccsenet.org' domain to your e-mail 'safe list'. If you do not receive e-mail in your 'inbox', check your 'bulk mail' or 'junk mail' folders.