Abstract

Internet is not a friendly place where academic elite communicates and generously shares its knowledge anymore. It has become commercialized, politicized, spammed, spied and all in all a totally insane place. Nevertheless, we must all use it and learn how to live in those polluted conditions. IT professionals must organize and implement defensive and preventive measures.
Before any technical means of defence can be deployed, there must be a Security Policy in place, which gives users the basic rules of acceptable behaviour, and IT personnel authority to act.

In our workshop, we will present the industrial standards that serve as a starting point in creation of Policies, such as ISO 17990 and NIST draft for Internet Security Policy. Then we will argue that such rigid standards are not well suited for the academic environment, where a certain degree of freedom is necessary to support research, education and invention. While some rules can be very similar in both commercial and academic organizations, policies must be localized and adapted to a specific culture.

Biography

Aco Dmitrović graduated philosophy at Zagreb University. Since then worked as a journalist, photographer, high school teacher and lecturer at Open University. From 1991. in IT as a database application programmer, network administrator and Unix system administrator. Currently in charge of IT security at University Computing Centre, Zagreb. Author of two books, about Visual Basic and Linux operating system. Occasionally writting articles for Croatian computer magazines. Promotor of Open Source software and editor of Croatin web portal for system engineers, http://sitemac.carnet.hr.