An ongoing concern within the Intellectual Technological world is the issue of security. There are severe consequences if someone without permission searches a computer for secret information that was left unlocked. In order to prevent this situation from occurring, rules about password lengths or employees bringing personal flash drives into the company should be created and followed.As Internet become a worldwide phenomenon, the use of information technology is growing more than ever. With more use and accessibility to Internet, new threats against companies have also emerged. This report brings up the main issues that a company needs to regulate today.The standard for regulations and proposals for IT-security comes in a document called Iso 17799 and very complicated for those who are not experts in the field.

This report was made for the company HordaGruppen AB to investigate how information security was handled. This report fits in the Master program of Internet Technology at School of Engineering in Jönköping University in Sweden.The question at issue was how you protect your information against different threats. One question was how to make an information security policy and which guidelines you can follow in the Swedish Standard, SS-ISO/IEC 17799:2000.Another question was to investigate the information sources at the company and which threats there are against it.The work begins with a presentation about information security for the chief of information and the chief of quality in the company. The next thing was to do a survey of as thing are at present with a tool from Länsteknikcentrum called ?Infosäkpulsen?.

Dokumentet är ett resultat av studier gjorda under kursen Kandidatarbete I Datavetenskap. Arbetet utforskade, genom fallstudie, två egenskaper av distribuerade informationssystem och relation mellan dessa: säkerhet och prestanda. Målet med fallstudien har varit att belysa nackdelen med användning av Secure Socker Layer (SSL) dvs. dess effekt på hastigheten och fördelen med SSL, dvs. SSL:s roll i informationssäkerhetsarbetet.

Dokumentet är ett resultat av studier gjorda under kursen Kandidatarbete I Datavetenskap. Arbetet utforskade, genom fallstudie, två egenskaper av distribuerade informationssystem och relation mellan dessa: säkerhet och prestanda. Målet med fallstudien har varit att belysa nackdelen med användning av Secure Socker Layer (SSL) dvs. dess effekt på hastigheten och fördelen med SSL, dvs. SSL:s roll i informationssäkerhetsarbetet. Arbetet visar hur prestanda i ett tillämpad distribuerat informationssystem kan påverkas av en SSL tillämpning.

During 2001-2002 a prototype, IMIS (Integrated Mobile Information System) was developed at BTH (Blekinge University of Technology) to demonstrate how mobile IT-systems can be used in healthcare. The prototype was based on the activity theory of Engeström. An ongoing project started in spring 2003. The purpose of the project is further development of IMIS with special focus in the diabetes healthcare. Participants in the project are scientists and students at BTH, ALMI Företagspartner, Blekinge FoU-enhet, Barndiabetesförbundet Blekinge, Blekinge Diabetesförening, Vårdcentralen Ronneby and Vårdcentralen Sölvesborg.

During 2001-2002 a prototype, IMIS (Integrated Mobile Information System) was developed at BTH (Blekinge University of Technology) to demonstrate how mobile IT-systems can be used in healthcare. The prototype was based on the activity theory of Engeström. An ongoing project started in spring 2003. The purpose of the project is further development of IMIS with special focus in the diabetes healthcare. Participants in the project are scientists and students at BTH, ALMI Företagspartner, Blekinge FoU-enhet, Barndiabetesförbundet Blekinge, Blekinge Diabetesförening, Vårdcentralen Ronneby and Vårdcentralen Sölvesborg.

The ISO standard ISO/IEC 17799/SS-627799-2 is a guidance for organizations to realize their information security goals. In spite of this standard, studies show flaws regarding information security in organizations. In particular flaws regarding overall view, knowledge and clear roles and responsibilities have been observed. The ISIT (Information Security Integrated Three level) model and its guidelines, developed in this thesis, help organizations to identify the required processes and procedures as well as the logical process flow. The thesis is based on theoretical studies and a case study within a multinational company.

The ISO standard ISO/IEC 17799/SS-627799-2 is a guidance for organizations to realize their information security goals. In spite of this standard, studies show flaws regarding information security in organizations. In particular flaws regarding overall view, knowledge and clear roles and responsibilities have been observed. The ISIT (Information Security Integrated Three level) model and its guidelines, developed in this thesis, help organizations to identify the required processes and procedures as well as the logical process flow. The thesis is based on theoretical studies and a case study within a multinational company.