| Summary: | 碩士 === 華梵大學 === 資訊管理學系碩士班 === 103 === As the Internet matures, enterprises worldwide allow employees to bring their own devices to access cloud storage service to satisfy market demand and improve their work efficiency, which casts doubts on enterprises ’information security. This research conducts data collection and literature review on iOS-based Bring-Your-Own-Device(BYOD) and cloud storage service, and preforms difference analysis and comparison on ISO27001 infrastructure to increase information security management items of evaluation criteria. Later, it distinguishes 5 main dimensions (management strategy, sustainable operation, technology security, operating security and threat control) and 26 items of evaluation criteria after analyzing evaluation criteria and dimensions through group interview of experts (Delphi questionnaire). At last, the entrepreneurs and experts conduct Analytic Hierarchy Process (AHP) to find out priorities and key factors. The research results show the information security criteria in the top ten weights are “Event Identification, Analysis and Review”, “Information Backup”, “User Device Identification and Authentication”, “Obedience to Laws and Regulations of Various Countries”, “Device Loss and Theft Protection” and “Precaution against Commercial Espionage”. In addition, the entrepreneurs focus on management strategy and sustainable operation, the experts besides pay attention to technology security and operating security. Therefore, it’s necessary for enterprises that have introduced ISO27001 can use these criteria to reinforce themselves. In conclusion, it hopes the research results can be used as a reference for information security risk analysis of cloud storage service that enterprises import into iOS-based BYOD in the future.
|
|---|
