Nowadays, globalization and information and communication technologies are main issues on organizations and societies, changing the way how people and organizations interact. These issues brought new and more challenges to people, organizations and societies, forcing them to change their perceptions of reality and consequently adopting new business solutions. In this context, people, capabilities and knowhow could make the difference between failure and success, particularly when organizations are facing new and emergent markets or changing their business process. It is important to protect business information, an asset whose relevance is increasing, in order to guarantee his confidentiality, integrity and availability. This issue must be coordinated with information systems and information and communication technologies usage to support information activities through the organization. Therefore, to succeed, the focus must be put on people and on their roles in the organizations, in order to obtain their commitment with information security, according organizational needs. In this sense, we pretend to provide the main roles identification on information security issues that people should take in account, and the options they could take to give a huge contribution to organizational performance.
Key Terms in this Chapter
Security: In the computers-based information systems, it links with the preservation of the information that is supported by those systems, controlling information and systems collection, treatment, use, support and accesses.
Information: It should be understood as data put in a context and treaties in agreement with personal or organizational needs, in order to accomplish these needs.
Integrity: Corresponds to the information that should be maintained in their original format, in agreement with the necessary for the purposes personal or organizational.
Confidentiality: Corresponds to the information that should be preserved, being made available just for who is authorized to use it.
People: They are all the ones that play a part in the organizational environment, and/or all the interested parties in their results, interacting with organizational information system.
Information Security: Includes its control and the preservation of the information to guarantee their privacy and integrity.
Information and Communication Technologies: Corresponds to the hardware, software and related procedures that support their usage in an integrated way, attending to the organizational context.
Availability: Corresponds to the information that should be available when necessary and in the appropriate format.