dc.contributor.author | Makumbi, Leonard | |
dc.contributor.author | Miriti, Evans K. | |
dc.contributor.author | Kahonge, Andrew M. | |
dc.date.accessioned | 2013-03-15T08:53:36Z | |
dc.date.issued | 2012 | |
dc.identifier.citation | International Journal of Computer Applications Volume 57– No.18 | en |
dc.identifier.uri | http://hdl.handle.net/11295/14021 | |
dc.description.abstract | Organizations of all sizes are now significantly reliant upon
information and communication technology for the
performance of their business activities. They therefore need
to ensure that their systems and data are appropriately
protected against security threats. Unfortunately, however,
there is evidence to suggest that security practices are not
strongly upheld within small and medium enterprise
environments.
The purpose of this study was to investigate the information
technology security practices in Small and Medium
Enterprises (SMEs) in the financial sector in Kenya. In
Particular, the study sought to identify the main perceived
threats to information security in the organizations and the
measures the organizations put in place to protect the
information assets from these threats. The study tried to
establish if the risk posed by security failures to the
organization’s operations was high based on their reliance in
IT systems and if the security posture adopted by the
organization reflected the level of risk. The study established
that the SMEs studied were highly reliant on Information
Technology for their business operations hence the risk posed
by failure of IT security was high. The study found that the
major perceived and experienced threats to security were
viruses and system users. The study also found that in the
SMEs, there were some attempts at securing the IT assets
though these efforts were largely uncoordinated. The IT
security role was frequently unassigned, or allocated to
someone without appropriate qualification. Most
organizations did not have a formally specified IT security
budget although some security related expenditures were
made. | en |
dc.language.iso | en | en |
dc.subject | SMEs | en |
dc.subject | Information Security | en |
dc.subject | Controls | en |
dc.subject | Threats | en |
dc.subject | ICT | en |
dc.subject | Kenya | en |
dc.title | An Analysis of Information Technology (IT) Security Practices: A Case Study of Kenyan Small and Medium Enterprises (SMEs) in the Financial Sector | en |
dc.type | Article | en |
local.embargo.terms | 6 months | en |
local.embargo.lift | 2013-09-11T08:53:36Z | |
local.publisher | School of Computing and Informatics | en |