A novel approach for improving information security management and awareness for home environments

Document Type

Journal Article

Publication Title

Information and Computer Security

ISSN

20564961

Publisher

Emerald

School

School of Science

RAS ID

35227

Comments

Alotaibi, F. G., Clarke, N., & Furnell, S. M. (2020). A novel approach for improving information security management and awareness for home environments. Information & Computer Security, 29(1), 25-48. https://doi.org/10.1108/ICS-05-2020-0073

Abstract

© 2020, Emerald Publishing Limited. Purpose: The human factor is a major consideration in securing systems. A wide and increasing range of different technologies, devices, platforms, applications and services are being used every day by home users. In parallel, home users are also experiencing a range of different online threats and attacks and are increasingly being targeted as they lack the knowledge and awareness about potential threats and how to protect themselves. The increase in technologies and platforms also increases the burden upon a user to understand how to apply security across differing technologies, operating systems and applications. This results in managing the security across their technology portfolio increasingly more troublesome and time consuming. This paper aims to propose an approach that attempts to propose a system for improving security management and awareness for home users. Design/methodology/approach: The proposed system is capable of creating and assigning different security policies for different digital devices in a user-friendly fashion. These assigned policies are monitored, checked and managed to review the user’s compliance with the assigned policies to provide bespoke awareness content based on the user’s current needs. Findings: A novel framework was proposed for improving information security management and awareness for home users. In addition, a mock-up design was developed to simulate the proposed approach to visualise the main concept and the functions which might be performed when it is deployed in a real environment. A number of different scenarios have been simulated to show how the system can manage and deal with different types of users, devices and threats. In addition, the proposed approach has been evaluated by experts in the research domain. The overall feedback is positive, constructive and encouraging. The experts agreed that the identified research problem is a real problem. In addition, they agreed that the proposed approach is usable, feasible and effective in improving security management and awareness for home users. Research limitations/implications: The proposed design of the system is a mock-up design without real data. Therefore, implementing the proposed approach in a real environment can provide the researcher with a better understanding of the effectiveness and the functionality of the proposed approach. Practical implications: This study offers a framework and usable mock-up design which can help in improving information security management for home users. Originality/value: Improving the security management and awareness for home users by monitoring, checking and managing different security controls and configurations effectively are the key to strengthen information security. Therefore, when home users have a good level of security management and awareness, this could protect and secure the home network and subsequently business infrastructure and services as well.

DOI

10.1108/ICS-05-2020-0073

Access Rights

subscription content

Share

 
COinS