Author:
Spinellis D., Kokolakis S., Gritzalis S.
Abstract
The pervasive use of information technology in enterprises of every size and the emergence of widely deployed ubiquitous networking technologies have brought with them a widening need for security. Information system security policy development must begin with a thorough analysis of sensitivity and criticality. Risk analysis methodologies, like CRAMM, provide the ability to analyse and manage the associated risks. By performing a risk analysis on a typical small enterprise and a home‐office set‐up the article identifies the risks associated with availability, confidentiality, and integrity requirements. Although both environments share weaknesses and security requirements with larger enterprises, the risk management approaches required are different in nature and scale. Their implementation requires co‐operation between end users, network service providers, and software vendors.
Subject
Library and Information Sciences, Management Science and Operations Research, Business and International Management, Management Information Systems
Cited by
20 articles.