En policy är bara så bra som personens förmåga att efterleva den : Ett arbete om informationssäkerhetspolicys och hur de följs på arbetsplatsen

Sammanfattning: Today new applications are used by companies in order to save money and streamline the business process. The advantages are plenty, but considerations have to be made to ensure that the company’s information does not end up in the wrong hands. The aim of this paper is to examine how employees view company policy, in order to figure out whether it is bad policies or the human factor that is the culprit behind information leaks. Earlier studies have shown that more than 50% of information breaches are a result of internal mishappenings. How can companies use policies to ensure that this does not happen? How can they motivate their employees to adhere to such policies? In this paper we conclude, by interviewing employees that regardless of how good a policy is written, it cannot possibly be effective unless the employees are knowledgeable or motivated to adhere to it.