When trust defies common security sense
Computing, Health and Science
Computing, Health and Science Faculty Office, Centre of Security Research
Primary care medical practices fail to recognize the seriousness of security threats to their patient and practice information. This can be attributed to a lack of understanding of security concepts, underestimation of potential threats and the diffi culty in confi guration of security technology countermeasures. To appreciate the factors contributing to such problems, research into general practitioner security practice and perceptions of security was undertaken. The investigation focused on demographics, actual practice, issues and barriers, and practitioner perception. Poor implementation, lack of relevant knowledge and inconsistencies between principles and practice were identifi ed as key themes. Also the results revealed an overwhelming reliance on trust in staff and in computer information systems. This clearly identifi ed that both cultural and technical attributes contribute to the deficiencies in information security practice. The aim of this research is to understand user needs and problems when dealing with information security practice.