• Journal of Information Technology Services
• /
• v.15 no.3
• /
• pp.33-50
• /
• 2016

In a dynamic IT environment, employees often utilize external IT resources to work more efficiently and flexibly. However, the use of external IT resources beyond its control may cause difficulties in the company. This is known as "Shadow IT." In spite of efficiency gains or cost savings, Shadow IT presents problems for companies such as the outflow of enterprise data. To address these problems, appropriate measures are required to maintain a balance between flexibility and control. Therefore, in this study, we developed a new information security management system called AIIMS (Advanced IT service & Information security Management System) and the Shadow IT Evaluation Model. The proposed model reflects a Shadow IT's attributes such as innovativeness, effectiveness, and ripple effect. AIIMS consists of five fields: current analysis; Shadow IT management plans; management process; education and training; and internal audit. There are additional management items and sub-items within these five fields. Using AIIMS, we expect to not only mitigate the potential risks of Shadow IT but also create successful business outcomes. Now is the time to draw to the Light in the Shadow IT.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2012.10a
• /
• pp.776-779
• /
• 2012

Recently one of the hot topics of IT field is big data. The security's meaning changed a lot, so security tools which were used to protect the limit area traditionally, now don't have any effectiveness. In the age of Cloud Computing, big data will do the best work. This paper discusses the technology related to big data and the intelligent security system utilizing big data.

• Journal of Information Technology Applications and Management
• /
• v.24 no.4
• /
• pp.25-39
• /
• 2017

This research conducted empirical and comparative study following interview concerning the relationship of acceptance attitudes and expected effects of the teleworking between Korean and Canada organizations. Independent variable was acceptance attitude, and the expected effect as dependent variable. Totally, 201 responded questionnaires (Korea : 118, Canada : 83) were analyzed for multiple regression and mean difference between groups. On January 1, 2015, Canada had agreed FTA (free trade agreement) with Korea. Therefore, many organizations can have opportunities for sharing hands in social infrastructures and business area. As a result, the research found out that teleworking can positively improve employee's quality of life, efficiency of works. Moreover, respondents informed us that it may give us national and social cost saving. The BYOD (bring your own device) will be helpful to make employees do more active communication. This comparative research expects that two countries have some insights to cooperate in smart work or teleworking. In addition, several Korean companies can have chances to export IT technologies to Canada market.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.18 no.5
• /
• pp.17-23
• /
• 2018

The rapid development of mobile technology has increased the use of mobile devices, and the possibility of security incidents is also increasing. The leakage of information through photos is the most representative. Previous methods for preventing this are disadvantageous in that they can not take pictures for other purposes. In this paper, we design and implement a system to prevent information leakage through photos using object recognition and beacon. The system inspects pictures through object recognition based on deep learning and verifies whether security policies are violated. In addition, the location of the mobile device is identified through the beacon and the appropriate rules are applied. Web applications for administrator allow you to set rules for taking photos by location. As soon as a user takes a photo, they apply appropriate rules to the location to automatically detect photos that do not conform to security policies.

• Convergence Security Journal
• /
• v.19 no.3
• /
• pp.51-59
• /
• 2019

In this paper, we propose a device identification system for network visibility that can maintain the secure internal network environment in the IoT era. Recently, the area of enterprise network is getting huge and more complicated. Not only desktops and smartphones but also business pads, barcode scanners, APs, Video Surveillance, digital doors, security devices, and lots of Internet of Things (IoT) devices are rapidly pouring into the business network, and there are highly risk of security threats. Therefore, in this paper, we propose the device identification system that includes the process and module-specific functions to identify the exploding device in the IoT era. The proposed system provides in-depth visibility of the devices and their own vulnerabilities to the IT manager in company. These information help to mitigate the risk of the potential cyber security threats in the internal network and offer the unified security management against the business risks.

• Journal of Information Technology Services
• /
• v.20 no.4
• /
• pp.95-111
• /
• 2021

Recently, many organizations are actively adopting VDI (Virtual Desktop Infrastructure), an IT-based business system, to build a non-face-to-face business environment for smart-work. However, most of the existing research on VDI has focused on the satisfaction of system service quality or the use of IT resources and investment for VDI introduction. However, research on effective management and utilization of factors according to the characteristics of VDI technology is urgently required. This study is an empirical research study on how VDI technology characteristics affect interactions and work performance by identifying differences in utilization factors between general organization members and IT managers, presenting standards for business utilization and management. This study proposed a model and hypothesis that the system technology characteristics for VDI use are mediated by interactions in which users respond to functions appropriate to their work. In order to verify the hypothesis, a questionnaire survey was conducted on 188 people of companies and institutions that have adopted and used VDI through a questionnaire survey. Data analysis was performed with partial least squares (PLS), a structural equation modeling (SEM) technique that uses a component-based approach to estimation. As a result of the empirical analysis, the same environmental function for performing work, N-th security, and remote access function factors for non-face-to-face work have a significant effect on interactivity, and IT managers have an additional significant effect on the management technology characteristics of resource reallocation. Has been shown to affect. The results of this study aim to minimize trial and error due to new introduction by presenting considerations for future VDI introduction through case analysis.

• Information Systems Review
• /
• v.15 no.2
• /
• pp.1-19
• /
• 2013

Smart working sparked by iPhone3 opens a revolution in smart ways of working at any time, regardless of location and environment. Also, It provide real-time information processing and analysis, rapid decision-making and the productivity of businesses, including through the timely response and the opportunity to increase the efficiency. As a result, every company are developing mobile information systems. But company data is accessed from the outside, it has problems to solve like security, hacking and information leakage. Also, Mobile devices such as smart phones belonging to the privately-owned asset can't be always controlled to archive company security policy. In the meantime, public smart phones owned by company was always applied security policy. But it can't not apply to privately-owned smart phones. Thus, this paper is focused to archive company security policy, but also enable the individual's free to use of smart phones when we use mobile information systems. So, when we use smart phone as individual purpose, the normal operation of all smart phone functions. But, when we use smart phone as company purpose like mobile information systems, the smart phone functions are blocked like screen capture, Wi-Fi, camera to protect company data. In this study, we suggest the design and implementation of real time control and management of mobile device using MDM(Mobile Device Management) solution. As a result, we can archive company security policy and individual using of smart phone and it is the optimal solution in the BYOD(Bring Your Own Device) era.