• DocumentCode
    1013707
  • Title

    Information security tools and practices: what works?

  • Author

    Ryan, Julie J C H

  • Author_Institution
    Sch. of Eng. & Appl. Sci., George Washington Univ., Washington, DC, USA
  • Volume
    53
  • Issue
    8
  • fYear
    2004
  • Firstpage
    1060
  • Lastpage
    1063
  • Abstract
    Much effort has been expended characterizing the threats and vulnerabilities associated with information security. The next step, analyzing experiences using security practices and tools, provides insight into what works and what appears to be unused or ineffective. We present a brief analysis of data gathered from small businesses in the US regarding their experiences and practices. While the use of security-related tools is limited, there are some clear indicators that emerge from the analysis. Two critical inferences are that restrictive access control practices work to reduce problems and that the use of tools is related to a higher incident rate of problems. This may mean that those who experience problems are more likely to invest in control mechanisms.
  • Keywords
    security of data; small-to-medium enterprises; access control; business practices; computer security; information security tool; small business data analysis; Access control; Computer security; Computer viruses; Data analysis; Data mining; Data security; Information security; Knowledge management; Resource management; Warehousing; 65; Information security; access control; best business practices; computer security; current business practices.; security technologies;
  • fLanguage
    English
  • Journal_Title
    Computers, IEEE Transactions on
  • Publisher
    ieee
  • ISSN
    0018-9340
  • Type

    jour

  • DOI
    10.1109/TC.2004.45
  • Filename
    1306997
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1013707