An Information Security Framework in the Enterprise Private Cloud Environment

• Main Authors: Yu-Min Lin, 林育民
• Other Authors: Hong-Tu Liao
• Format: Others
• Language: zh-TW
• Published: 2013
• Online Access: http://ndltd.ncl.edu.tw/handle/27551251432293928727

碩士 === 世新大學 === 資訊管理學研究所(含碩專班) === 101 === As the development of “Cloud Computing” keeps going, enterprises rely on it more and more to handle complicated work which was done by manual tasks before with less effectiveness. This technology, therefore, has become one of their sharp weapons in their businesses. While information security plays such an important role for the existence of enterprises or organizations, consequently, making good policies and management measures are top priorities for them. Through literature review, the author brings up an Information Security Management System (ISMS: Information Security Management System) that fits the needs of a private enterprise under the Virtual Private Cloud environment. Due to uniqueness of the Virtual Private cloud computing technology that has been isolated from the internet, being free from cyber-attack is its greatest advantage. However, it still can not get away from potential threaten coming from intentional deeds regardless strict monitoring. Therefore, on the bases of ISO/IEC 27001:2005, the author puts emphasis on intentional danger caused by employees, intentionally or unintentionally. Furthermore, the author attempts to make doable plans and policies for enterprises when applying Virtual Private cloud computing technology, and finally to reach the goal of making progress continuously by means of PDCA cycle, namely, "Plan-Do-Check-Act".