Title :
Information security tools and practices: what works?
Author :
Ryan, Julie J C H
Author_Institution :
Sch. of Eng. & Appl. Sci., George Washington Univ., Washington, DC, USA
Abstract :
Much effort has been expended characterizing the threats and vulnerabilities associated with information security. The next step, analyzing experiences using security practices and tools, provides insight into what works and what appears to be unused or ineffective. We present a brief analysis of data gathered from small businesses in the US regarding their experiences and practices. While the use of security-related tools is limited, there are some clear indicators that emerge from the analysis. Two critical inferences are that restrictive access control practices work to reduce problems and that the use of tools is related to a higher incident rate of problems. This may mean that those who experience problems are more likely to invest in control mechanisms.
Keywords :
security of data; small-to-medium enterprises; access control; business practices; computer security; information security tool; small business data analysis; Access control; Computer security; Computer viruses; Data analysis; Data mining; Data security; Information security; Knowledge management; Resource management; Warehousing; 65; Information security; access control; best business practices; computer security; current business practices.; security technologies;
Journal_Title :
Computers, IEEE Transactions on
