SlideShare a Scribd company logo
1 of 25
Download to read offline
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
Information security for 
increased usage of e-Services
Ana Meskovska,
ana.meskovska@tpconsulting.com.mk
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
About me
• Consultant and Trainer in Trajkovski & Partners
Consulting
• Quality and Information Security Manager
• B.Sc. in Electrical Engineering
• Master student – e-Business management
• ICMCI Certified Management Consultant – CMC
• ECQA certified IT Security and e-Security Manager
• Member of Board of Directors and Chairman of the
Committee for Events of itSMF Macedonia
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
CONTENT
• INTRODUCTION
– Purpose of presentations issues and understanding
the issues
• STARTING FROM THE BASICS
– What is e-service, information security
• ANSWER THE CHALLENGES
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
INTRODUCTION
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
Purpose of the presentation
• Main topic - increasing usage of e-services
• Why this topic?
– Explosive development and advancement of ICT
– Significant growth of internet usage
– Rapid increase of e-services
– Flat-lining in usage of e-services
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
Households with Internet access
• 81.0% in 2009
• 78.6% in 2008
• 16.5% in 2007
• 14% in 2006
Source: State Statistical Office
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
Households that used computer
and Internet in 2008 and 2009
Source: State Statistical Office
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
Purpose of using the Internet in
the first quarter 2009
Source: State Statistical Office
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
Citizens using the Internet and e-
Government
Figure 1. Percentage of citizens using the Internet and e-Government (Source: Eurostat 2009)
Overall progress in
citizen using
governmental e-
services between
2004 and 2008:
• 4% - 7% for
EU15
• 3% - 4% for
EU12
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
WHY, not to use e-services?
• The e-service doesn’t offer any additional
benefits vs. the regular service
• The e-service is not relevant
• It is too complicated
• It is not as quality as the regular service
• A trust issue
• It is not obligatory
• …….
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
Understanding the issues
• Why is trust an issue:
– involvement of sensitive and personal information
– risk from disclosure and misuse of important
information and documents
– absence of physical contact, visual communication
and tangibility
• How to start overcoming this issue?
– Information security
– …….
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
How to use Information security to
increase usage of e-services?
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
STARTING FROM THE BASICS
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
What means e-service?
• The attainment and delivery of services
through electronic media
• Any asset, deed, effort or performance
that is made available via the Internet to
drive new revenue streams or create
new efficiencies
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
Types of e-services
• E-services that don’t have critical impact on
our lives or business
– e-mails, social networks, chats, blogs,
collaboration workspaces…
• E-services that have crucial impact on our
lives, private and business wise
– e-banking, e-procurement, e-auctions, e-
government, e-healthcare…
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
Example of e-service activities
• registering for user identity - e.g. membership application
• updating user information - e.g. new address
• updating user status - e.g. credit card account balance
• submitting application - e.g. credit card, driving license
• placing order - e.g. buying and selling of stocks and funds
• doing payment transaction - e.g. credit card payment
• searching for information - e.g. business matching
• exchanging information - e.g. chatroom
• receiving information and service - e.g. education notes
• doing survey, etc…
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
What means Information?
• Information is an asset to the organization,
which has value to organization and needs to
be protected appropriately
• Types of information:
– Printed or written on paper
– Electronic
– Send by mail or other electronic connections
– Presented on company’s promotional materials,
web site
– Spoken
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
What means Information 
Security?
• Providing confidentiality, integrity and
availability of written, spoken and
electronic information
– Confidentiality - limiting information access and
disclosure to authorized users and preventing
access by or disclosure to unauthorized ones
– Integrity  - accuracy and completeness
– Availability - accessibility and usability upon
demand by an authorized entity
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
ANSWER THE CHALLENGES
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
Implement Information Security
Management System
• Conduct risk assessment
• Define and enforce IS policies
– ISMS policy, Privacy policy, e-Privacy policy
• Define and enforce IS procedures
– Business continuity planning, Access control ….
• Identify and implement relevant IS controls
– firewall, cryptography, SSL, PKI and DC
• Take in consideration best practices and
standards
– ISO 27001, ITIL, ISO 20000, COBIT, ITAF …
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
Identify and achieve CIA balance
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
Raise awareness
• Raise awareness for:
– the purpose of e-service
– the benefits from the e-service
– the need for information security
– how is information security organized and
implemented
– importance and existence of IS controls and tools
among management, employees, clients, users, ….
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
Summary
• Trend: Flat-lining of usage of services
• Issue: the trust issue
• Answer: first step in dealing with the trsut
issue - information security
• Conclusion: Create and communicate an 
Information Security Management 
System
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
Relevant links
• www.iso27001security.com
• http://bledconference.org/index.php/eConference/2010
• http://www.infosec.gov.hk/english/information/services.
html
• http://epp.eurostat.ec.europa.eu/portal/page/portal/eur
ostat/home/
• www.stat.gov.mk
• www.isaca.org
• www.itil-officialsite.com
8th
 SEEITA –  7th
 SEE ICT Forum Meeting & 7th
  MASIT Open Days Conference
14-15 October 2010, Ohrid  www.seeita.org 
Ana Meskovska
anameskovska@gmail.com

More Related Content

Viewers also liked

Viewers also liked (20)

E magazine publishing
E magazine publishingE magazine publishing
E magazine publishing
 
E voting
E votingE voting
E voting
 
e Service Prototype
e Service Prototypee Service Prototype
e Service Prototype
 
e-Job Portals
e-Job Portalse-Job Portals
e-Job Portals
 
E services
E servicesE services
E services
 
E-paper mailing system
E-paper mailing systemE-paper mailing system
E-paper mailing system
 
Presentation on e services gepp for igf programme at kace
Presentation on e services gepp for igf programme at kacePresentation on e services gepp for igf programme at kace
Presentation on e services gepp for igf programme at kace
 
Finding Library E-Books
Finding Library E-BooksFinding Library E-Books
Finding Library E-Books
 
E service
E serviceE service
E service
 
Ppt of e voting
Ppt of e votingPpt of e voting
Ppt of e voting
 
e-voting system
e-voting systeme-voting system
e-voting system
 
E library system
E library systemE library system
E library system
 
Chapter three e-security
Chapter three e-securityChapter three e-security
Chapter three e-security
 
E-Services - Chapter 1: Introduction
E-Services - Chapter 1: IntroductionE-Services - Chapter 1: Introduction
E-Services - Chapter 1: Introduction
 
E Services
E ServicesE Services
E Services
 
E services
E services E services
E services
 
The basics of e-service
The basics of e-serviceThe basics of e-service
The basics of e-service
 
e-Library
e-Librarye-Library
e-Library
 
E-voting
E-votingE-voting
E-voting
 
What is the definition of E-Service?
What is the definition of E-Service? What is the definition of E-Service?
What is the definition of E-Service?
 

Similar to Information Security for increased usage of e-services - Masit Open Days 2010

IS for increased usage of e-services
  IS for increased usage of e-services  IS for increased usage of e-services
IS for increased usage of e-servicesMASIT MACEDONIA
 
Making csr operational for SME;s
Making csr operational for SME;sMaking csr operational for SME;s
Making csr operational for SME;sMASIT MACEDONIA
 
Integrated Management System
  Integrated Management System  Integrated Management System
Integrated Management SystemMASIT MACEDONIA
 
Increasing competitiveness of macedonian businesses through csr
Increasing competitiveness of macedonian businesses through csrIncreasing competitiveness of macedonian businesses through csr
Increasing competitiveness of macedonian businesses through csrMASIT MACEDONIA
 
Future csr activities of the MOE
Future csr activities of the MOEFuture csr activities of the MOE
Future csr activities of the MOEMASIT MACEDONIA
 
CG and CSR Accomplishments and Awards INet–Skopje
CG and CSR Accomplishments and Awards INet–SkopjeCG and CSR Accomplishments and Awards INet–Skopje
CG and CSR Accomplishments and Awards INet–SkopjeMASIT MACEDONIA
 
Cg and csr accomplishments and awards
Cg and csr accomplishments and awardsCg and csr accomplishments and awards
Cg and csr accomplishments and awardsMASIT MACEDONIA
 
Digital divide & globalization
Digital divide & globalizationDigital divide & globalization
Digital divide & globalizationMASIT MACEDONIA
 
Digital divide and broadband territorial coverage
Digital divide and broadband territorial coverageDigital divide and broadband territorial coverage
Digital divide and broadband territorial coverageMASIT MACEDONIA
 
Why should SME’s participate in FP 7
Why should SME’s participate in FP 7Why should SME’s participate in FP 7
Why should SME’s participate in FP 7MASIT MACEDONIA
 
"Introduction & Cyberwatching project" - Nick Ferguson, Trust-IT Services
"Introduction & Cyberwatching project" - Nick Ferguson, Trust-IT Services"Introduction & Cyberwatching project" - Nick Ferguson, Trust-IT Services
"Introduction & Cyberwatching project" - Nick Ferguson, Trust-IT ServicesCyber Watching
 
IoT meetup Belgrade 21-04-2015
IoT meetup Belgrade 21-04-2015IoT meetup Belgrade 21-04-2015
IoT meetup Belgrade 21-04-2015DunavNET
 
ICT Impact in Republic of Kosova
ICT Impact in Republic of KosovaICT Impact in Republic of Kosova
ICT Impact in Republic of KosovaMASIT MACEDONIA
 
Building an international infrastructure for research data - Jisc Digital Fes...
Building an international infrastructure for research data - Jisc Digital Fes...Building an international infrastructure for research data - Jisc Digital Fes...
Building an international infrastructure for research data - Jisc Digital Fes...Jisc
 
TOOP project: Once Only Principle
TOOP project: Once Only PrincipleTOOP project: Once Only Principle
TOOP project: Once Only PrincipleSamos2019Summit
 
ABC4Trust Architecture and the Benefits for eID Schemes
ABC4Trust Architecture and the Benefits for eID SchemesABC4Trust Architecture and the Benefits for eID Schemes
ABC4Trust Architecture and the Benefits for eID SchemesIoannis Krontiris
 

Similar to Information Security for increased usage of e-services - Masit Open Days 2010 (20)

IS for increased usage of e-services
  IS for increased usage of e-services  IS for increased usage of e-services
IS for increased usage of e-services
 
Grid computing
Grid computingGrid computing
Grid computing
 
CSR
CSRCSR
CSR
 
Making csr operational for SME;s
Making csr operational for SME;sMaking csr operational for SME;s
Making csr operational for SME;s
 
Integrated Management System
  Integrated Management System  Integrated Management System
Integrated Management System
 
Increasing competitiveness of macedonian businesses through csr
Increasing competitiveness of macedonian businesses through csrIncreasing competitiveness of macedonian businesses through csr
Increasing competitiveness of macedonian businesses through csr
 
Future csr activities of the MOE
Future csr activities of the MOEFuture csr activities of the MOE
Future csr activities of the MOE
 
CG and CSR Accomplishments and Awards INet–Skopje
CG and CSR Accomplishments and Awards INet–SkopjeCG and CSR Accomplishments and Awards INet–Skopje
CG and CSR Accomplishments and Awards INet–Skopje
 
Cg and csr accomplishments and awards
Cg and csr accomplishments and awardsCg and csr accomplishments and awards
Cg and csr accomplishments and awards
 
Digital divide & globalization
Digital divide & globalizationDigital divide & globalization
Digital divide & globalization
 
Digital divide and broadband territorial coverage
Digital divide and broadband territorial coverageDigital divide and broadband territorial coverage
Digital divide and broadband territorial coverage
 
Why should SME’s participate in FP 7
Why should SME’s participate in FP 7Why should SME’s participate in FP 7
Why should SME’s participate in FP 7
 
Your Broadband Society
Your Broadband SocietyYour Broadband Society
Your Broadband Society
 
"Introduction & Cyberwatching project" - Nick Ferguson, Trust-IT Services
"Introduction & Cyberwatching project" - Nick Ferguson, Trust-IT Services"Introduction & Cyberwatching project" - Nick Ferguson, Trust-IT Services
"Introduction & Cyberwatching project" - Nick Ferguson, Trust-IT Services
 
IoT meetup Belgrade 21-04-2015
IoT meetup Belgrade 21-04-2015IoT meetup Belgrade 21-04-2015
IoT meetup Belgrade 21-04-2015
 
ICT Impact in Republic of Kosova
ICT Impact in Republic of KosovaICT Impact in Republic of Kosova
ICT Impact in Republic of Kosova
 
Building an international infrastructure for research data - Jisc Digital Fes...
Building an international infrastructure for research data - Jisc Digital Fes...Building an international infrastructure for research data - Jisc Digital Fes...
Building an international infrastructure for research data - Jisc Digital Fes...
 
TOOP project: Once Only Principle
TOOP project: Once Only PrincipleTOOP project: Once Only Principle
TOOP project: Once Only Principle
 
ABC4Trust Architecture and the Benefits for eID Schemes
ABC4Trust Architecture and the Benefits for eID SchemesABC4Trust Architecture and the Benefits for eID Schemes
ABC4Trust Architecture and the Benefits for eID Schemes
 
Big Data & Privacy
Big Data & PrivacyBig Data & Privacy
Big Data & Privacy
 

More from Ana Meskovska

Assessing the institutionalisation of knowledge in an automotive factory at Fiat
Assessing the institutionalisation of knowledge in an automotive factory at FiatAssessing the institutionalisation of knowledge in an automotive factory at Fiat
Assessing the institutionalisation of knowledge in an automotive factory at FiatAna Meskovska
 
Stimulating management innovation through knowledge management
Stimulating management innovation through knowledge management Stimulating management innovation through knowledge management
Stimulating management innovation through knowledge management Ana Meskovska
 
E-educational games in formal education - Poster
E-educational games in formal education - PosterE-educational games in formal education - Poster
E-educational games in formal education - PosterAna Meskovska
 
E-educational games in formal education - ePrototype Bazaar 2011
E-educational games in formal education - ePrototype Bazaar 2011E-educational games in formal education - ePrototype Bazaar 2011
E-educational games in formal education - ePrototype Bazaar 2011Ana Meskovska
 
How to implement effective ITSM System
How to implement effective ITSM SystemHow to implement effective ITSM System
How to implement effective ITSM SystemAna Meskovska
 
Increasing trust towards governmental e-services
Increasing trust towards governmental e-servicesIncreasing trust towards governmental e-services
Increasing trust towards governmental e-servicesAna Meskovska
 
Increasing trust towards government e-services
Increasing trust towards government e-servicesIncreasing trust towards government e-services
Increasing trust towards government e-servicesAna Meskovska
 
E-prototype bazaar - Makedonija
E-prototype bazaar - MakedonijaE-prototype bazaar - Makedonija
E-prototype bazaar - MakedonijaAna Meskovska
 
Proposal for cross border cooperation
Proposal for cross border cooperationProposal for cross border cooperation
Proposal for cross border cooperationAna Meskovska
 
1 The Notion Information And Basic Types Of Information
1 The Notion Information And Basic Types Of Information1 The Notion Information And Basic Types Of Information
1 The Notion Information And Basic Types Of InformationAna Meskovska
 
4 System For Information Security
4 System For Information Security4 System For Information Security
4 System For Information SecurityAna Meskovska
 
2 Security And Internet Security
2 Security And Internet Security2 Security And Internet Security
2 Security And Internet SecurityAna Meskovska
 
3 Most Common Threats Of Information Security
3 Most Common Threats Of Information Security3 Most Common Threats Of Information Security
3 Most Common Threats Of Information SecurityAna Meskovska
 
5 Standards And Recommendations For Information Security On Internet
5 Standards And Recommendations For Information Security On Internet5 Standards And Recommendations For Information Security On Internet
5 Standards And Recommendations For Information Security On InternetAna Meskovska
 
Business Process Modeling
Business Process ModelingBusiness Process Modeling
Business Process ModelingAna Meskovska
 
ITSM Qualification Schemes
ITSM Qualification SchemesITSM Qualification Schemes
ITSM Qualification SchemesAna Meskovska
 
Experience from Implementation of ISO 20000
Experience from Implementation of ISO 20000Experience from Implementation of ISO 20000
Experience from Implementation of ISO 20000Ana Meskovska
 
Integration of ICT Standards
Integration of ICT StandardsIntegration of ICT Standards
Integration of ICT StandardsAna Meskovska
 

More from Ana Meskovska (18)

Assessing the institutionalisation of knowledge in an automotive factory at Fiat
Assessing the institutionalisation of knowledge in an automotive factory at FiatAssessing the institutionalisation of knowledge in an automotive factory at Fiat
Assessing the institutionalisation of knowledge in an automotive factory at Fiat
 
Stimulating management innovation through knowledge management
Stimulating management innovation through knowledge management Stimulating management innovation through knowledge management
Stimulating management innovation through knowledge management
 
E-educational games in formal education - Poster
E-educational games in formal education - PosterE-educational games in formal education - Poster
E-educational games in formal education - Poster
 
E-educational games in formal education - ePrototype Bazaar 2011
E-educational games in formal education - ePrototype Bazaar 2011E-educational games in formal education - ePrototype Bazaar 2011
E-educational games in formal education - ePrototype Bazaar 2011
 
How to implement effective ITSM System
How to implement effective ITSM SystemHow to implement effective ITSM System
How to implement effective ITSM System
 
Increasing trust towards governmental e-services
Increasing trust towards governmental e-servicesIncreasing trust towards governmental e-services
Increasing trust towards governmental e-services
 
Increasing trust towards government e-services
Increasing trust towards government e-servicesIncreasing trust towards government e-services
Increasing trust towards government e-services
 
E-prototype bazaar - Makedonija
E-prototype bazaar - MakedonijaE-prototype bazaar - Makedonija
E-prototype bazaar - Makedonija
 
Proposal for cross border cooperation
Proposal for cross border cooperationProposal for cross border cooperation
Proposal for cross border cooperation
 
1 The Notion Information And Basic Types Of Information
1 The Notion Information And Basic Types Of Information1 The Notion Information And Basic Types Of Information
1 The Notion Information And Basic Types Of Information
 
4 System For Information Security
4 System For Information Security4 System For Information Security
4 System For Information Security
 
2 Security And Internet Security
2 Security And Internet Security2 Security And Internet Security
2 Security And Internet Security
 
3 Most Common Threats Of Information Security
3 Most Common Threats Of Information Security3 Most Common Threats Of Information Security
3 Most Common Threats Of Information Security
 
5 Standards And Recommendations For Information Security On Internet
5 Standards And Recommendations For Information Security On Internet5 Standards And Recommendations For Information Security On Internet
5 Standards And Recommendations For Information Security On Internet
 
Business Process Modeling
Business Process ModelingBusiness Process Modeling
Business Process Modeling
 
ITSM Qualification Schemes
ITSM Qualification SchemesITSM Qualification Schemes
ITSM Qualification Schemes
 
Experience from Implementation of ISO 20000
Experience from Implementation of ISO 20000Experience from Implementation of ISO 20000
Experience from Implementation of ISO 20000
 
Integration of ICT Standards
Integration of ICT StandardsIntegration of ICT Standards
Integration of ICT Standards
 

Information Security for increased usage of e-services - Masit Open Days 2010