Show simple item record

dc.contributor.authorMakumbi, Leonard
dc.contributor.authorMiriti, Evans K.
dc.contributor.authorKahonge, Andrew M.
dc.date.accessioned2013-03-15T08:53:36Z
dc.date.issued2012
dc.identifier.citationInternational Journal of Computer Applications Volume 57– No.18en
dc.identifier.urihttp://hdl.handle.net/11295/14021
dc.description.abstractOrganizations of all sizes are now significantly reliant upon information and communication technology for the performance of their business activities. They therefore need to ensure that their systems and data are appropriately protected against security threats. Unfortunately, however, there is evidence to suggest that security practices are not strongly upheld within small and medium enterprise environments. The purpose of this study was to investigate the information technology security practices in Small and Medium Enterprises (SMEs) in the financial sector in Kenya. In Particular, the study sought to identify the main perceived threats to information security in the organizations and the measures the organizations put in place to protect the information assets from these threats. The study tried to establish if the risk posed by security failures to the organization’s operations was high based on their reliance in IT systems and if the security posture adopted by the organization reflected the level of risk. The study established that the SMEs studied were highly reliant on Information Technology for their business operations hence the risk posed by failure of IT security was high. The study found that the major perceived and experienced threats to security were viruses and system users. The study also found that in the SMEs, there were some attempts at securing the IT assets though these efforts were largely uncoordinated. The IT security role was frequently unassigned, or allocated to someone without appropriate qualification. Most organizations did not have a formally specified IT security budget although some security related expenditures were made.en
dc.language.isoenen
dc.subjectSMEsen
dc.subjectInformation Securityen
dc.subjectControlsen
dc.subjectThreatsen
dc.subjectICTen
dc.subjectKenyaen
dc.titleAn Analysis of Information Technology (IT) Security Practices: A Case Study of Kenyan Small and Medium Enterprises (SMEs) in the Financial Sectoren
dc.typeArticleen
local.embargo.terms6 monthsen
local.embargo.lift2013-09-11T08:53:36Z
local.publisherSchool of Computing and Informaticsen


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record