ON INFORMATION SECURITY GUIDELINES FOR SMALL/MEDIUM ENTERPRISES

David Chapman; Leon Smalov

doi:10.5220/0002593700030009

ON INFORMATION SECURITY GUIDELINES FOR SMALL/MEDIUM ENTERPRISES

David Chapman, Leon Smalov

2004

Abstract

The adoption rate of Internet-based technologies by United Kingdom (UK) Small and Medium Enterprises (SMEs) is regularly surveyed by the Department of Trade and Industry (DTI). Over several decades information security has evolved from early work such as the Bell La Padula (BLP) model toward widely disseminated Information Security Guidelines containing comprehensive and detailed advice. The overwhelming volume and level-of-detail provided often fails to address the information security requirements of SMEs. SMEs typically fail to implement effective Internet strategies due to lack of information security awareness, lack of technical skills and inadequate financial resources. Awareness of information security issues among SMEs is poor. The European Union supported ISA-EUNET Consortium has developed a set of best practices to support SMEs. We present a sample mapping of the Computer Security Expert Assist Team (CSEAT) Information Security Review Areas onto the Alliance for Electronic Business (AEB) web security guidelines as an example of a possible roadmap approach for SMEs to gain information security awareness.

Download

Paper Citation

in Harvard Style

Chapman D. and Smalov L. (2004). ON INFORMATION SECURITY GUIDELINES FOR SMALL/MEDIUM ENTERPRISES . In Proceedings of the Sixth International Conference on Enterprise Information Systems - Volume 3: ICEIS, ISBN 972-8865-00-7, pages 3-9. DOI: 10.5220/0002593700030009

in Bibtex Style

@conference{iceis04,
author={David Chapman and Leon Smalov},
title={ON INFORMATION SECURITY GUIDELINES FOR SMALL/MEDIUM ENTERPRISES},
booktitle={Proceedings of the Sixth International Conference on Enterprise Information Systems - Volume 3: ICEIS,},
year={2004},
pages={3-9},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002593700030009},
isbn={972-8865-00-7},
}

in EndNote Style

TY - CONF
JO - Proceedings of the Sixth International Conference on Enterprise Information Systems - Volume 3: ICEIS,
TI - ON INFORMATION SECURITY GUIDELINES FOR SMALL/MEDIUM ENTERPRISES
SN - 972-8865-00-7
AU - Chapman D.
AU - Smalov L.
PY - 2004
SP - 3
EP - 9
DO - 10.5220/0002593700030009