Virtualization at File System Level: A New Approach to Secure Data in Shared Environment

Tran, Thi Thu Giang; Le, Duc Quang; Tran, Trung Dung

doi:10.7763/ijcte.2016.v8.1048

Cited by 1 publication

(1 citation statement)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…internet and software (Holt, 2007;Holt and Bossler, 2008). For example, in a shared website hosting environment, if the attacker is able to compromise the targeted website, the other website that also used the same server is also vulnerable to data theft (Tran et al, 2016). It also can be done manually (easy) such as stealing personal information from mailboxes or during a robbery (Allison et al, 2005;Copes and Vieraitis, 2009;Gordon et al, 2007;Morris, 2010).…”

Section: Customer Data Security and Theftmentioning

confidence: 99%

Customer data security and theft: a Malaysian organization’s experience

Abidin

Nawawi

Salin

2019

ICS

View full text Add to dashboard Cite

Purpose This study aims to identify weaknesses in current internal control systems in protecting customer data and the drivers that motivate employees to steal customer data and the impact of customer data theft on the organization. Design/methodology/approach A case study approach was taken to investigate and analyze internal control system weaknesses. One organization that involved investor and treasury services was selected as a case study in this research. A mixed method of data collection, specifically survey questionnaires and observations, was used. Findings This study revealed that employees are aware of the policy to protect customer data in their organization. Ironically, customer data theft still occurred despite the company having an internal control system. The main concern was the attitude of the employees to adhere to the policies in place, which becomes the major cause of internal control violation. Employees tend to ignore policies and standard operating procedures, providing opportunities for data theft and fraud to occur, although they realize this will result in a severe impact on the reputation of a company. Research limitations/implications The results provide further confirmation of the fraud triangle theory, i.e. opportunity on the possible causes of the data theft and fraud, supporting prior empirical research and surveys conducted by researchers and global professional firms on fraud. This study, however, was conducted on only one organization with limited participation from employees because of the sensitivity of the nature of the topic. Practical implications This study provided recommendations that can be a reference for companies and regulatory bodies in preventing customer data theft cases, such as regular training and awareness campaigns to the staff, stringent recruitment policies, close monitoring on the accessibility of customer data and continuous use of advanced technology to prevent a data breach. Originality/value This study is original, as it focuses on an organization that operates in the financial services industry, which is one of the most attacked sectors for data theft and cybercrime activity globally. Furthermore, this kind of research is rare in fraud literature, particularly in developing markets such as Malaysia. The findings of this study are inferred from the direct observation of the organizational and employee work environments, activities and behaviors, which are private and confidential and difficult to access by researchers for publication in academic journals.

show abstract