Abstract
Data leakage can lead to severe issues for a company, including financial loss, damage of goodwill, reputation, lawsuits and loss of future sales. To prevent these problems, a company can use other mechanisms on top of traditional Access Control. These mechanisms include for instance Data Leak Prevention or Information Rights Management and can be referred as Transmission Control. However, such solutions can lack usability and can be intrusive for end-users employees. To have a better understanding of the perception and usage of such mechanisms within business infrastructures, we have conducted in this article an online survey on 150 employees. These employees come from different companies of different sizes and sectors of activity. The results show that whatever the size of the company or its sector of activity, security mechanisms such as access control and transmission control can be considered as quite intrusive and blocking for employees. Moreover, our survey also shows interesting results regarding more acceptable and user-friendly anti-data leakage mechanisms that could be used within companies.
Highlights
While doing business, a company creates, exchanges and saves meaningful data
A company can use Access Control (AC), which is a set of techniques that restrict the access to resources to specific and authorized users by defining “who can access what?” due to the growth of networks and connected computers, a security issue, called data leakage, has arisen
The rest of the article is structured as follows: “Related Works” section gives an overview about existing works on access control, data leak prevention, information right management and surveys on security and usability
Summary
A company creates, exchanges and saves meaningful data. These meaningful data are valuable for the company wealth, good functioning and reliability. Unintentional: which means done without full knowledge of the facts and without intent to cause harm This kind of data leak can be due to human errors, lack of awareness, clumsiness, etc. A company can use other solutions besides AC, such as Data Leak Prevention (DLP) and Information Rights Management (IRM). These mechanisms can be complex to apprehend (i.e., not easy to understand and use) for end-users. The rest of the article is structured as follows: “Related Works” section gives an overview about existing works on access control, data leak prevention, information right management and surveys on security and usability. “Conclusion and Future Works” section concludes the article and give insights on future works
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
