政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/31333

English | 正體中文 | 简体中文 | Post-Print筆數 : 27 | Items with full text/Total items : 113648/144635 (79%)
Visitors : 51672879 Online Users : 737

RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.

Scope

please add "double quotation mark" for query phrases to get precise results

please goto advance search for comprehansive author search

Adv. Search

Home ‧ Login ‧ Upload ‧ Help ‧ About ‧ Administer

Goto mobile version

政大機構典藏 > 商學院 > 國際經營管理英語碩士學程IMBA > 學位論文 > Item 140.119/31333

Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/31333

Title:	仕欽科技企業資訊系統安全研究報告 Information System Security of Everskill Technology Co., Ltd. For OEM Electronics Industry
Authors:	詹小瑩 Chan, Cathy
Contributors:	蕭瑞麟詹小瑩 Chan, Cathy
Keywords:	安全研究報告
Date:	2007
Issue Date:	2009-09-14 09:48:53 (UTC+8)
Abstract:	仕欽科技企業資訊系統安全研究報告 Abstract Information System Security of Everskill Technology Co., Ltd. for OEM Electronics Industry by Cathy Chan OEM Electronics industry has been the foundation of Taiwan’s economy for the past few decades, and has made major contribution to foreign reserves for the country. However, entering into this millennium, with the rising of the BRIC countries (Brazil, Russia, India and China), Taiwan’s OEM electronics industry is gradually losing competitive advantages. Nowadays, to improve competitiveness is the most critical issue in the industry. According to MIC of III , the integration of information technology in OEM electronics industry is a major index of Taiwan’s competitiveness. The higher the information system is integrated, the more the system should be secured. Otherwise, in case of any abusage, the damage can sometimes beyond our imagination. The collapse of Barings Bank is a best lesson for all of us to learn. Therefore, we should put equal emphasis on information system security as well as information system integration. The scope of this paper is to analyze the information system security of Everskill Technology, an OEM electronics company, to find out the weakness of the existing IT framework, and better improvement for future information system security in the company and OEM electronics industry. This paper will thoroughly examine the existing structure of the information system of Everskill Technology, e.g. how the structure is built? Why it is built this way? How is the information system secured? What are the factors that affect information system security? How to modify the factors? The paper will also highlight some incidents, pin point the weakness of the system, and also provide suggestions for future improvements. My conclusion is that the successful implementation of information system security to an organization is not just about how advanced the products/technology are, or how complete the procedures/checklists are, the people(agents) in the organization also play an very important role. As a professional manager of the organization, I believe we should always be aware of the relations among products/technology, procedures/checklists and the people (agents). Only through perfect balance among the three factors, we can successfully implement and secure information system of the organization. Ultimately, this paper can provide an agenda for any other OEM electronics company who wishes to improve her information system security and hopefully can be a stimulation of improvement for the industry. LIST OF FIGURES VIII LIST OF TABLES VIII CHAPTER 1 INTRODUCTION 9 1.1 Research Motive 9 1.2 Research Objective 10 1.3 Paper Outlines 11 CHAPTER 1 LITERATURE REVIEW 13 2.1 Principles of ISS 13 2.1.1 Principles of ISS for the Decade 13 2.2 Theories of ISS 15 2.2.1 Functionalism Theory 15 2.2.2 Methodology Theory 16 2.2.3 Institutionalization Theory 20 CHAPTER 3 THE CASE: EVERSKILL TECHNOLOGY CO.,LTD. 24 3.1 Background of OEM Electronics Industry 24 3.2 Introduction of Everskill Technology Co., Ltd. 25 3.3 Everskill’s ISS Policy 27 3.4 Everskill’s Information System 30 CHAPTER 4 ANALYSIS ON EVERSKILL INFORMATION SYSTEM SECURITY 32 4.1.1 Incident 1: External Virus Attack 32 4.1.2 Incident 2: Lightening Strike 33 4.1.3 Incident 3: Internal Virus Spreading 33 4.2 Analysis on Everskill’s Information System Security 34 4.2.1 Single-firewall Internet Protection 34 4.2.2 Incoherent IS Structure 35 4.2.3 Compromised Internet Access Control 36 CHAPTER 5 RECOMMENDATIONS & CONCLUSIONS 37 5.1 Proposition 1: Multi-layer Protection 37 5.2 Proposition 2: DMZ Application 38 5.3 Proposition 3: IPS Protection 39 5.4 Conclusions 41 REFERENCES 44 APPENDIX 45 1.仕欽科技(股)公司資通安全政策 45 2.仕欽科技(股)公司資訊部門管理辦法 51 3.仕欽科技(股)公司資訊部門工作職掌 53 4.仕欽科技(股)公司台北廠系統復原計畫 54 5.仕欽科技(股)公司資訊部門請購資料 57 List of Figures FIGURE 2.1 THE CIRCUITS OF POWER FRAMEWORK 11 FIGURE 3.1 EVERSKILL’S ORGANIZATION CHART 16 FIGURE 3.2 EVERSKILL TAIPEI’S EXISTING IT FRAMEWORK 21 FIGURE 3.3 EVERSKILL’S MIS EXPENDITURE 22 FIGURE 5.1 MULTI-LAYER PROTECTION 29 FIGURE 5.2 PROPOSED INTERNET FRAMEWORK 31 List of Tables TABLE 2.1 SUMMARY OF ISS RESEARCH 7 TABLE 2.2 THE CLASSES OF TRADITIONAL ISS METHODS 8 TABLE 2.3 FUNDAMENTAL OBJECTIVES RELATED TO ISS 10 TABLE 3.1 EVERSKILL’S CHRONOLOGIC EVENT 17
Reference:	Dhillon, G. & Backhouse, J. (1996). Risks in the Use of Information Technology Within Organizations. International Journal of Information Management, 16(1), 65-74. Dhillon, G. & Backhouse, J. (2000). Information System Security Management in the new millennium. Comminucations of the ACM, 43(7), 125~128. Dhillon, G. & Backhouse, J. (2001). Current Directions in IS Security research: Towards Socio-Organizational Perspectives. Information Systems Journal, 11, 127-153. Dhillon, G..& Torkzadeh, G. (2006). Value-focused assessment of information system security in organizations. Information Systems Journal, 16, 293-314. Heinlein, E. B. (1995 ). Principles of Information Systems Security Computers & Security 14(3), 197-198. Hsu, C., Silva, L., & Backhouse, J. (2006). Circuits of Power in Creating De Jure Standards: Shaping An International Information Systems Security Standard. MIS Quarterly, 30(Special Issue), 413-438. Silva, L., & Backhouse, J. (1997). Becoming part of the furniture, The Institutionalisation of Information Systems. Information Systems and Qualitative Research, 1-27. Siponen, M. T. (2005). An analysis of the traditional IS security approaches: implications for research and practice. European Journal of Information Systems, 14, 303-315. 張家維. (2007). 2006-2009年台灣中小型製造業資訊軟體與服務投資現況與未來趨勢. 1-28. 仕欽科技企業股份有限公司九十五年度財務報告 www.everskill.com.tw www.google.com www.mcafee.com www.rca.com www.symantec.com www.wikipedia.com
Description:	碩士國立政治大學國際經營管理碩士班(IMBA) 94933015 96
Source URI:	http://thesis.lib.nccu.edu.tw/record/#G0094933015
Data Type:	thesis
Appears in Collections:	[國際經營管理英語碩士學程IMBA] 學位論文

Files in This Item:

File	Size	Format
index.html	0Kb	HTML2	621	View/Open

All items in 政大典藏 are protected by copyright, with all rights reserved.

社群 sharing

著作權政策宣告 Copyright Announcement

1.本網站之數位內容為國立政治大學所收錄之機構典藏，無償提供學術研究與公眾教育等公益性使用，惟仍請適度，合理使用本網站之內容，以尊重著作權人之權益。商業上之利用，則請先取得著作權人之授權。
The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

2.本網站之製作，已盡力防止侵害著作權人之權益，如仍發現本網站之數位內容有侵害著作權人權益情事者，請權利人通知本網站維護人員(nccur@nccu.edu.tw)，維護人員將立即採取移除該數位著作等補救措施。
NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.

DSpace Software Copyright © 2002-2004 MIT & Hewlett-Packard / Enhanced by NTU Library IR team Copyright © - Feedback