| The fast-growing Internet economy has led a transaction in people 's behavior patterns.Various APPs carry different consumption and life needs such as travel,accommodation,shopping,and communications.A large amount of information related to enterprises and personal users are transferred from underline to online,which has caused information security becomes a common concern in all walks of life.With the continuous increasing of the user number,information security in V company which is a big Internet company with more than 100 million personal users has become a key link not to be neglected.APP,as a platform for interaction between enterprises and users,its' security problem will cause a serious impact to the reputation and assets of the company,the privacy and property of users,and whether the enterprise can operate safely and steadily.In addition,the law-enforcement department of Safety Supervision has also paid attention to the impact of risks caused by information security,and a lot of regulations for supervising and managing the information security risks involved in APP have been issued.This article takes information security risk of APP in V Company as the research object.Based on the national and international research result of Information Security Risk,APP Security Risk together with studying of the current status of IS in China and other countries,security management regulations and the actual APP security risk of V company,this article will conduct APP information security risks from risk identification,risk analysis,to risk assessment for V Company,and finally proposes some solutions for solving the existing problems.First,it uses the fishbone diagram method and the interview method to determine Risk Identification based on APP business of V Company,identifies and analyzes the security risk issues of each business submodule,and summarizes the five major risks types.Then,it constructs a structure model of information security risk assessment,conducts the risk assessment via the questionnaire survey and the analytic hierarchy process,it will obtain the evaluation weight of APP information security risk factors,the weighting results will be sorted for security risk levels.Finally,it proposes some improving measures for risk aversion based on current security risk problems,which includes two key points,1)Business security risk protection,including improving the business security system and staff safety awareness;2)Data security risk protection.The successful implementation of these countermeasures will improve the ability of APP to resist risks.Meanwhile,the research is based on the actual case of V Company,once the findings are verified in the company,it will certainly be a good reference for setting up the management system of information security risk in industry. |
PDF Full Text Request