English  |  正體中文  |  简体中文  |  Post-Print筆數 : 11 |  Items with full text/Total items : 88866/118573 (75%)
Visitors : 23549196      Online Users : 301
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: http://nccur.lib.nccu.edu.tw/handle/140.119/31333


    Title: 仕欽科技企業資訊系統安全研究報告
    Information System Security of Everskill Technology Co., Ltd. For OEM Electronics Industry
    Authors: 詹小瑩
    Chan, Cathy
    Contributors: 蕭瑞麟
    詹小瑩
    Chan, Cathy
    Keywords: 安全研究報告
    Date: 2007
    Issue Date: 2009-09-14 09:48:53 (UTC+8)
    Abstract: 仕欽科技企業資訊系統安全研究報告
    Abstract
    Information System Security of
    Everskill Technology Co., Ltd. for
    OEM Electronics Industry
    by
    Cathy Chan
    OEM Electronics industry has been the foundation of Taiwan’s economy for the past few decades, and has made major contribution to foreign reserves for the country. However, entering into this millennium, with the rising of the BRIC countries (Brazil, Russia, India and China), Taiwan’s OEM electronics industry is gradually losing competitive advantages. Nowadays, to improve competitiveness is the most critical issue in the industry. According to MIC of III , the integration of information technology in OEM electronics industry is a major index of Taiwan’s competitiveness.
    The higher the information system is integrated, the more the system should be secured. Otherwise, in case of any abusage, the damage can sometimes beyond our imagination. The collapse of Barings Bank is a best lesson for all of us to learn. Therefore, we should put equal emphasis on information system security as well as information system integration.
    The scope of this paper is to analyze the information system security of Everskill Technology, an OEM electronics company, to find out the weakness of the existing IT framework, and better improvement for future information system security in the company and OEM electronics industry.
    This paper will thoroughly examine the existing structure of the information system of Everskill Technology, e.g. how the structure is built? Why it is built this way? How is the information system secured? What are the factors that affect information system security? How to modify the factors? The paper will also highlight some incidents, pin point the weakness of the system, and also provide suggestions for future improvements.
    My conclusion is that the successful implementation of information system security to an organization is not just about how advanced the products/technology are, or how complete the procedures/checklists are, the people(agents) in the organization also play an very important role. As a professional manager of the organization, I believe we should always be aware of the relations among products/technology, procedures/checklists and the people (agents). Only through perfect balance among the three factors, we can successfully implement and secure information system of the organization.
    Ultimately, this paper can provide an agenda for any other OEM electronics company who wishes to improve her information system security and hopefully can be a stimulation of improvement for the industry.
    LIST OF FIGURES VIII
    LIST OF TABLES VIII
    CHAPTER 1 INTRODUCTION 9
    1.1 Research Motive 9
    1.2 Research Objective 10
    1.3 Paper Outlines 11
    CHAPTER 1 LITERATURE REVIEW 13
    2.1 Principles of ISS 13
    2.1.1 Principles of ISS for the Decade 13
    2.2 Theories of ISS 15
    2.2.1 Functionalism Theory 15
    2.2.2 Methodology Theory 16
    2.2.3 Institutionalization Theory 20
    CHAPTER 3 THE CASE: EVERSKILL TECHNOLOGY CO.,LTD. 24
    3.1 Background of OEM Electronics Industry 24
    3.2 Introduction of Everskill Technology Co., Ltd. 25
    3.3 Everskill’s ISS Policy 27
    3.4 Everskill’s Information System 30
    CHAPTER 4 ANALYSIS ON EVERSKILL INFORMATION SYSTEM SECURITY 32
    4.1.1 Incident 1: External Virus Attack 32
    4.1.2 Incident 2: Lightening Strike 33
    4.1.3 Incident 3: Internal Virus Spreading 33
    4.2 Analysis on Everskill’s Information System Security 34
    4.2.1 Single-firewall Internet Protection 34
    4.2.2 Incoherent IS Structure 35
    4.2.3 Compromised Internet Access Control 36
    CHAPTER 5 RECOMMENDATIONS & CONCLUSIONS 37
    5.1 Proposition 1: Multi-layer Protection 37
    5.2 Proposition 2: DMZ Application 38
    5.3 Proposition 3: IPS Protection 39
    5.4 Conclusions 41
    REFERENCES 44
    APPENDIX 45
    1.仕欽科技(股)公司資通安全政策 45
    2.仕欽科技(股)公司資訊部門管理辦法 51
    3.仕欽科技(股)公司資訊部門工作職掌 53
    4.仕欽科技(股)公司台北廠系統復原計畫 54
    5.仕欽科技(股)公司資訊部門請購資料 57







    List of Figures
    FIGURE 2.1 THE CIRCUITS OF POWER FRAMEWORK 11
    FIGURE 3.1 EVERSKILL’S ORGANIZATION CHART 16
    FIGURE 3.2 EVERSKILL TAIPEI’S EXISTING IT FRAMEWORK 21
    FIGURE 3.3 EVERSKILL’S MIS EXPENDITURE 22
    FIGURE 5.1 MULTI-LAYER PROTECTION 29
    FIGURE 5.2 PROPOSED INTERNET FRAMEWORK 31

    List of Tables
    TABLE 2.1 SUMMARY OF ISS RESEARCH 7
    TABLE 2.2 THE CLASSES OF TRADITIONAL ISS METHODS 8
    TABLE 2.3 FUNDAMENTAL OBJECTIVES RELATED TO ISS 10
    TABLE 3.1 EVERSKILL’S CHRONOLOGIC EVENT 17
    Reference: Dhillon, G. & Backhouse, J. (1996). Risks in the Use of Information Technology Within Organizations. International Journal of Information Management, 16(1), 65-74.
    Dhillon, G. & Backhouse, J. (2000). Information System Security Management in the new millennium. Comminucations of the ACM, 43(7), 125~128.
    Dhillon, G. & Backhouse, J. (2001). Current Directions in IS Security research: Towards Socio-Organizational Perspectives. Information Systems Journal, 11, 127-153.
    Dhillon, G..& Torkzadeh, G. (2006). Value-focused assessment of information system security in organizations. Information Systems Journal, 16, 293-314.
    Heinlein, E. B. (1995 ). Principles of Information Systems Security Computers & Security 14(3), 197-198.
    Hsu, C., Silva, L., & Backhouse, J. (2006). Circuits of Power in Creating De Jure Standards: Shaping An International Information Systems Security Standard. MIS Quarterly, 30(Special Issue), 413-438.
    Silva, L., & Backhouse, J. (1997). Becoming part of the furniture, The Institutionalisation of Information Systems. Information Systems and Qualitative Research, 1-27.
    Siponen, M. T. (2005). An analysis of the traditional IS security approaches: implications for research and practice. European Journal of Information Systems, 14, 303-315.
    張家維. (2007). 2006-2009年台灣中小型製造業資訊軟體與服務投資現況與未來趨勢. 1-28.
    仕欽科技企業股份有限公司九十五年度財務報告
    www.everskill.com.tw
    www.google.com
    www.mcafee.com
    www.rca.com
    www.symantec.com
    www.wikipedia.com
    Description: 碩士
    國立政治大學
    國際經營管理碩士班(IMBA)
    94933015
    96
    Source URI: http://thesis.lib.nccu.edu.tw/record/#G0094933015
    Data Type: thesis
    Appears in Collections:[國際經營管理英語碩士學程IMBA] 學位論文

    Files in This Item:

    File SizeFormat
    index.html0KbHTML317View/Open


    All items in 政大典藏 are protected by copyright, with all rights reserved.


    社群 sharing

    著作權政策宣告
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback