An investigation of information security in small and medium enterprises (SME's) in the Eastern Cape

Upfold, Christopher Tennant (2005) An investigation of information security in small and medium enterprises (SME's) in the Eastern Cape. Masters thesis, Rhodes University.




Small and Medium Enterprises (SME’s) embrace a wide range of information systems and technology that range from basic bookkeeping and general purpose office packages, through to advanced E-Business Web portals and Electronic Data Interchange (EDI). A survey, based on SABS ISO/IEC 17799 was administered to a select number of SME’s in the services sector, in the Eastern Cape. The results of the survey revealed that the level of information security awareness amongst SME leadership is as diverse as the state of practice of their information systems and technology. Although a minority of SME’s do embrace security frameworks such as SABS ISO/IEC 17799 or the International equivalent, BS7799, most SME leaders have not heard of security standards, and see information security as a technical intervention designed to address virus threats and data backups. Furthermore, there are several “stripped-down” standards and guidelines for SME’s, based mostly on SABS ISO/IEC 17799, but designed as streamlined, more easily implemented options. Again, these “lighter” frameworks are scarcely used and largely unknown by SME’s. Far from blaming SME leadership for not understanding the critical issues surrounding information security, the research concludes that SME leadership need to engage, understand and implement formal information security processes, failing which their organisations may be severely impacted by inadvertent threats / deliberate attacks on their information systems which could ultimately lead to business failure.

Item Type:Thesis (Masters)
Uncontrolled Keywords:Small business, Computer security, Information technology, South Africa, Management information systems, Standards
Subjects:H Social Sciences > HF Commerce
Divisions:Research Institutes and Units > Rhodes Business School
ID Code:2702
Deposited By: Mrs Carol Perold
Deposited On:25 Apr 2012 06:31
Last Modified:25 Apr 2012 06:31
0 full-text download(s) since 25 Apr 2012 06:31
0 full-text download(s) in the past 12 months
More statistics...

Repository Staff Only: item control page