TRAINING OF ADMINISTRATIVE STAFF FOR PROVIDING INFORMATION SECURITY IN A REMOTE WORK ENVIRONMENT
University of Ruse (BULGARIA)
About this paper:
Conference name: 15th International Technology, Education and Development Conference
Dates: 8-9 March, 2021
Location: Online Conference
Abstract:
In a time of world pandemic, most of the administrative staff started working remotely. This leads to the need of training the employees and optimizing the working processes in companies.
In a remote working environment, information security is a critical issue for companies.
Information Security is not only about securing information from unauthorized access. Information Security is basically the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording, or destruction of information.
Information is the lifeblood of any business or organization. It helps dictate how businesses form strategies, and implement processes based on them. With access to vast amounts of information comes great responsibility. At the core of Information Security is Information Assurance, which means the act of maintaining the CIA of information, ensuring that information is not compromised in any way when critical issues arise.
The current article defines what kind of information is critical for municipal administration and how to classify information as critical - standards and directives.
The research is focused on presenting a methodology of employees' training referred to systems that use critical information. The key points are ways to identify critical infrastructure(Critical infrastructure is the body of systems, networks, and assets that are so essential that their continued operation is required to ensure the security of a given nation, its economy, and the public’s health and/or safety.) and information systems which uses critical information; an assessment of risks; planned training for administrative staff in a wide range of аge and different levels of IT competency - basic themes, guides and final assessment of knowledge and acquired skills; defining of procedures for recognizing the unauthorized access.
This article may be a start point for developing a course for the needs of training staff in different types of companies referred to information security using the knowledge acquired in university and enriched working in administration.Keywords:
Information security, research, training, critical data, infrastructure, staff.