Farklı işletmelerin ortak siber güvenlik politikalarının karşılaştırmalı araştırması

Thumbnail Image

Files

490282 A comparative study of common cyber security policies for different enterprises.pdf (1.23 MB)

Date

2017

Authors

Journal Title

Journal ISSN

Volume Title

Publisher

Research Projects

Organizational Units

Thumbnail Image
Organizational Unit
Software Engineering
(2005)
Department of Software Engineering was founded in 2005 as the first department in Ankara in Software Engineering. The recent developments in current technologies such as Artificial Intelligence, Machine Learning, Big Data, and Blockchains, have placed Software Engineering among the top professions of today, and the future. The academic and research activities in the department are pursued with qualified faculty at Undergraduate, Graduate and Doctorate Degree levels. Our University is one of the two universities offering a Doctorate-level program in this field. In addition to focusing on the basic phases of software (analysis, design, development, testing) and relevant methodologies in detail, our department offers education in various areas of expertise, such as Object-oriented Analysis and Design, Human-Computer Interaction, Software Quality Assurance, Software Requirement Engineering, Software Design and Architecture, Software Project Management, Software Testing and Model-Driven Software Development. The curriculum of our Department is catered to graduate individuals who are prepared to take part in any phase of software development of large-scale software in line with the requirements of the software sector. Department of Software Engineering is accredited by MÜDEK (Association for Evaluation and Accreditation of Engineering Programs) until September 30th, 2021, and has been granted the EUR-ACE label that is valid in Europe. This label provides our graduates with a vital head-start to be admitted to graduate-level programs, and into working environments in European Union countries. The Big Data and Cloud Computing Laboratory, as well as MobiLab where mobile applications are developed, SimLAB, the simulation laboratory for Medical Computing, and software education laboratories of the department are equipped with various software tools and hardware to enable our students to use state-of-the-art software technologies. Our graduates are employed in software and R&D companies (Technoparks), national/international institutions developing or utilizing software technologies (such as banks, healthcare institutions, the Information Technologies departments of private and public institutions, telecommunication companies, TÜİK, SPK, BDDK, EPDK, RK, or universities), and research institutions such TÜBİTAK.

Journal Issue

Abstract

Sanal güvenlik, sadece tüm ölçeklerdeki işletmeler için değil aynı zamanda milli güvenlik için de temel sorunu ve üst düzey önceliği temsil eder. Günümüzde, birçok işletme, sanal çevrelerini ve bilgi ve iletişim teknolojilerini korumak için sanal güvenliğe büyük ölçüde yatırım yapmaktadır. Bu sebeple, birçok işletme, bir hasar gerçekleşmeden ve işletmenin iş alanında negatif bi etki oluşmadan önce herhangi bir saldırıya karşı savunma ve güvenlik çözümlerinden biri olarak güvenlik politikalarını uygulamaktadır. Bu çalışmada, farklı işletmelerin dikkate değer ve yaygın sanal güvenlik politikaları incelenmiş ve tartışılmıştır.Bu işletmelerin içerdiği alanlar sağlık sektörü, finans sektörü, eğitim sektörü, havacılık sektörü ve e-ticarettir. Bu çalışmanın amacı, tüm şirket ve işletmelerde güçlü ve kapsamlı sanal güvenlik kurmaktır. Bu çalışmanın sonucu, tüm işletme ve organizasyonlara kurulması gereken on adet önemli ve yaygın güvenlik politikası olduğunu göstermektedir. Bunlar; gizlilik politikası, veri koruma politikası, veri saklama politikası, bilgi güvenliği politikası, eposta güvenliği politikası, fiziksel güvenlik politikası, website güvenliği politikası, bulut güvenliği politikası, ağ güvenliği politikası ve erişim denetimi politikasıdır. Ek olarak, bu çalışmanın sonuçları, bazı sanal güvenlik politikalarının işletmeden işletmeye daha önemli ve kritik olduğunu göstermektedir. Bu güvenlik politikalarının önceliklerindeki farklılıklar, işletmelerin kontrolü altındaki bilginin türüne ve bu işletmelerin bu güvenlik politikalarına olan güvenlik ihtiyaçlarının türüne bağlıdır
Cyber security represents the essential issue and takes the top priority not only for enterprises of all sizes but also national security. Nowadays, many enterprises invest heavily in cyber security to protect their cyber environments and information and communication technology. Therefore, several enterprises embrace security policies as one of security defense solutions to safeguard from any attacks before the damage is done and negative effect occurs on the business of the enterprise. In this study, significant and common cyber security policies of different enterprises are compared and discussed. These enterprises include health sector, financial sector, educational sector, aviation sector, and e-commerce. The purpose of this study is to build robust and inclusive cyber security in each company and enterprise. The result of this study indicates that there are ten important common security policies should be applied in each enterprise and organization. These policies include privacy policy, data protection policy, data retention policy, information security policy, E-mail security policy, physical security policy, website security policy, cloud security policy, network security policy, and access control policy. Additionally, results of this study show some cyber security policies to be more critical and important from enterprise to enterprise. That difference in priority of these security policıes depend on the nature of information under control enterprises and security needs of enterprises to these security policies. Keywords: Cyber Security Policies; Security

Description

Keywords

Bilgisayar Mühendisliği Bilimleri-Bilgisayar ve Kontrol, Computer Engineering and Computer Science and Control

Turkish CoHE Thesis Center URL

Citation

WoS Q

Scopus Q

Source

Volume

Issue

Start Page

0

End Page

98

URI

https://hdl.handle.net/20.500.14411/4611

Collections

Master Tezler / Master Thesis