Individuals impacted by disabilities see various adverse effects in their day-to-day lives, specifically individuals on a spectrum who are unable to integrate into the workforce. To help ensure equitable access for individuals with disabilities, Assistive Technology (AT) bridges this gap by providing specialized tools and devices that empower individuals with disabilities to interact with digital environments seamlessly. These technologies range from screen readers and speech recognition software to adaptive hardware. While AT promote inclusion, they also introduce unique cybersecurity and privacy risks. The sensitive nature of user data, ranging from biometric information to personal communication logs, demands stringent security measures. Small and Medium-sized Enterprises (SMEs), often at the forefront of AT deployment and integration, may lack the resources or expertise to implement robust security frameworks. This is where information security standards, such as ISO 27001, play a crucial role. ISO 27001 provides a structured approach to establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). This ensures that SMEs can protect sensitive AT data while complying with security best practices. This paper is divided into two parts. The first part provides an overview of assistive technologies, relevant security standards, and key ISO 27001 controls for securing AT solutions. The second part presents a case study of a Canadian-based SME that employs a neurodiverse workforce, including individuals with Autism Spectrum Disorder (ASD). The paper explores the organization’s approach to implementing ISO 27001 while considering the unique requirements of assistive technologies, the challenges faced during implementation, and the strategies used to mitigate them.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Ensuring Information Security in Inclusive Digital Environments

  • Damilola Innomesanghan,
  • Emmanuel Kiwamu,
  • Sergey Butakov,
  • Eslam G. AbdAllah

摘要

Individuals impacted by disabilities see various adverse effects in their day-to-day lives, specifically individuals on a spectrum who are unable to integrate into the workforce. To help ensure equitable access for individuals with disabilities, Assistive Technology (AT) bridges this gap by providing specialized tools and devices that empower individuals with disabilities to interact with digital environments seamlessly. These technologies range from screen readers and speech recognition software to adaptive hardware. While AT promote inclusion, they also introduce unique cybersecurity and privacy risks. The sensitive nature of user data, ranging from biometric information to personal communication logs, demands stringent security measures. Small and Medium-sized Enterprises (SMEs), often at the forefront of AT deployment and integration, may lack the resources or expertise to implement robust security frameworks. This is where information security standards, such as ISO 27001, play a crucial role. ISO 27001 provides a structured approach to establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS). This ensures that SMEs can protect sensitive AT data while complying with security best practices. This paper is divided into two parts. The first part provides an overview of assistive technologies, relevant security standards, and key ISO 27001 controls for securing AT solutions. The second part presents a case study of a Canadian-based SME that employs a neurodiverse workforce, including individuals with Autism Spectrum Disorder (ASD). The paper explores the organization’s approach to implementing ISO 27001 while considering the unique requirements of assistive technologies, the challenges faced during implementation, and the strategies used to mitigate them.