Skip to main content
SpringerLink
Log in
Book cover

Security Technology, Disaster Recovery and Business Continuity pp 47–56Cite as

Data Confidentiality and Integrity Issues and Role of Information Security Management Standard, Policies and Practices – An Empirical Study of Telecommunication Industry in Pakistan

  • Conference paper

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 122))

Abstract

The amount of data communications is increasing each day and with it comes the issues of assuring its security. This research paper explores the information security management issues with respect to confidentiality and integrity and the impact of Information Security Management Standards, Policies and Practices (ISMSPP) on information security. This research has been conducted on the telecommunication industry of Pakistan that was ranked 9th globally in 2009 in terms of subscription. The research methodology was case study based in which perceptions were gathered as well as thematic analysis of the interviews was done. The research focus is on breach of data integrity and confidentiality by the internal users in the industry and the perception of improvement, if any, of the data security due to implementation of security management policies and controls. The results show that information security measure are perceived to have a positive impact on reducing data confidentiality and integrity breaches but still falls short of what is required. It concludes that security policies might improve the situation provided, firstly, that the top managements takes information security seriously, and secondly, the non-technical human aspects of the issues are taken into consideration.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. United Nations: Glossary of Recordkeeping Terms

    Google Scholar 

  2. ISO: ISO 17799

    Google Scholar 

  3. Weise, J.: Public Key Infrastructure Overview (2001), http://www.sun.com/blueprints/0801/publickey.pd

  4. The ShockwaveWriter’s Reply To Donn Parker. Computer Fraud & Security 2001, 19–20 (2001)

    Google Scholar 

  5. Myler, E.E., Broadbent, G.: ISO 17799: Standard for Security. The Information Management Journal (2006)

    Google Scholar 

  6. Richman, S.H., Pant, H.: Reliability Concerns for Next-Generation Networks. Bell Labs Technical Journal 12, 103–108 (2008)

    Article  Google Scholar 

  7. Prnjat, O., Sacks, L.E.: Integrity methodology for interoperable environments. Communications Magazine, IEEE 37, 126–132 (1999)

    Article  Google Scholar 

  8. Kramer, J.: The CISA prep guide: mastering the certified information systems auditor exam. John Wiley and Sons, New Jersey (2003)

    Google Scholar 

  9. Höne, K., Elof, J.H.P.: Information security policy — what do international information security standards say? Computers & Security 21, 402–409 (2002)

    Article  Google Scholar 

  10. Visser, W., Matten, D., Pohl, M., Tolhurst, N.: The A to Z of corporate social responsibility. John Wiley and Sons, New Jersey (2008)

    Google Scholar 

  11. Siponen, M.: Information Security Standards Focus on the Existence of Process, Not Its Content. Communications of the ACM 49, 97–100 (2006)

    Article  Google Scholar 

  12. Bodin, L.D., Gordon, L.A., Loeb, M.P.: Information security and risk management. Commun. ACM 51, 64–68 (2008)

    Article  Google Scholar 

  13. Albrechtsen, E.: A qualitative study of user’s view on information security. Computers & Security 26, 276–289 (2006)

    Article  Google Scholar 

  14. Solms, B.V.: Information Security — A Multidimensional Discipline. Computers & Security 20, 504–508 (2001)

    Article  Google Scholar 

  15. von Solms, B., von Solms, R.: The 10 deadly sins of information security management. Computers & Security 23, 371–376 (2004)

    Article  Google Scholar 

  16. Siponen, M., Willison, R.: Information security management standards: Problems and solutions. Information & Management 46, 267–270 (2009)

    Article  Google Scholar 

  17. Kenneth, R.: Telecom industry: mobile firms getting 2 million subscribers every month (2008), http://www.dailytimes.com.pk/default.asp? page=2008\03\07\story_7-3-2008_pg5_9

  18. Londesborough, R., Feroze, J.: Pakistan telecommunications report. Business Monitor International, London (2008)

    Google Scholar 

  19. Pakistan - Key Statistics, Telecom Market and Regulatory Overviews. Totel Pty Ltd. (2010)

    Google Scholar 

  20. Global Wireless Data Market _- 2009 Update. Chetan Sharma Consulting (2010)

    Google Scholar 

  21. Moblie Cellular Services. Pakistan Telecommunications Authority (2010)

    Google Scholar 

  22. Fixed Line Services. Pakistan Telecommunications Authority (2010)

    Google Scholar 

  23. Telecommunication Rules 2000 (2000)

    Google Scholar 

  24. Codes of Conduct, Group Governance Document (2010), http://www.telenor.com.pk/cr/pdf/newCOC.pdf

Download references

Author information

Authors and Affiliations

  1. Center of Excellence in Information Assurance (CoEIA), King Saud University, Saudi Arabia

    Syed Irfan Nabi & Khaled Alghathbar

  2. Faculty of Computer Sciences, Institute of Business Administration, Karachi, Pakistan

    Syed Irfan Nabi, Bushra Haqqi & Zahra Abid

  3. Namal College, Mianwali, Pakistan

    Syed Waqar Nabi

  4. Department of Management, School of Business, University of Sharjah, United Arab Emirates

    Syed Awais Ahmed Tipu

  5. Department of Information Systems, College of Computer and Information Science, King Saud University, Saudi Arabia

    Khaled Alghathbar

Authors
  1. Syed Irfan Nabi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Syed Waqar Nabi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Syed Awais Ahmed Tipu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Bushra Haqqi
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Zahra Abid
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Khaled Alghathbar
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Hannam University, Daejeon, South Korea

    Tai-hoon Kim

  2. National Chiao Tung University, Hsinchu, Taiwan

    Wai-chi Fang

  3. King Saud University, Riyadh, Saudi Arabia

    Muhammad Khurram Khan

  4. Mississippi State University, Mississippi State, MS, USA

    Kirk P. Arnett

  5. Dept. of Computer Engineering, Mokwon University, 800, Doan-dong, Seo-gu, 302-729, Daejeon, Korea

    Heau-jo Kang

  6. University of Warsaw & Infobright Inc., Poland

    Dominik Ślęzak

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Nabi, S.I., Nabi, S.W., Tipu, S.A.A., Haqqi, B., Abid, Z., Alghathbar, K. (2010). Data Confidentiality and Integrity Issues and Role of Information Security Management Standard, Policies and Practices – An Empirical Study of Telecommunication Industry in Pakistan. In: Kim, Th., Fang, Wc., Khan, M.K., Arnett, K.P., Kang, Hj., Ślęzak, D. (eds) Security Technology, Disaster Recovery and Business Continuity. Communications in Computer and Information Science, vol 122. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17610-4_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-17610-4_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-17609-8

  • Online ISBN: 978-3-642-17610-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation