An Analysis of Information Technology (IT) Security Practices: A Case Study of Kenyan Small and Medium Enterprises (SMEs) in the Financial Sector

Leonard Makumbi; Evans K. Miriti; andrew M. Kahonge

Call for Paper

January Edition

IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 20 December 2024

Submit your paper

Know more

The week's pick

Improved Shuffled Frog Leaping Algorithm with Self-Adaptive Shuffling for Fuzzy Logic PD+G Controller Optimization in Robotic Manipulators

Duc Hoang Nguyen

Random Articles

Opinion Mining Techniques on Social Media Data

May

2015

Cosine Transformed Row and Column Mean Content Based Image Retrieval using Higher Energy Coefficients with Image Tiling and Assorted Similarity Measures

February

2015

Biphase Amplifier based Precision Rectifiers using Current Conveyors

March

2012

Building GIS Applications using Spatial Network Data Models

Apr

2019

Reseach Article

An Analysis of Information Technology (IT) Security Practices: A Case Study of Kenyan Small and Medium Enterprises (SMEs) in the Financial Sector

by Leonard Makumbi, Evans K. Miriti, andrew M. Kahonge

International Journal of Computer Applications

Foundation of Computer Science (FCS), NY, USA

Volume 57 - Number 18

Year of Publication: 2012

Authors: Leonard Makumbi, Evans K. Miriti, andrew M. Kahonge

10.5120/9216-3767

Leonard Makumbi, Evans K. Miriti, andrew M. Kahonge . An Analysis of Information Technology (IT) Security Practices: A Case Study of Kenyan Small and Medium Enterprises (SMEs) in the Financial Sector. International Journal of Computer Applications. 57, 18 ( November 2012), 33-36. DOI=10.5120/9216-3767

@article{ 10.5120/9216-3767,

author = { Leonard Makumbi, Evans K. Miriti, andrew M. Kahonge },

title = { An Analysis of Information Technology (IT) Security Practices: A Case Study of Kenyan Small and Medium Enterprises (SMEs) in the Financial Sector },

journal = { International Journal of Computer Applications },

issue_date = { November 2012 },

volume = { 57 },

number = { 18 },

month = { November },

year = { 2012 },

issn = { 0975-8887 },

pages = { 33-36 },

numpages = {9},

url = { https://ijcaonline.org/archives/volume57/number18/9216-3767/ },

doi = { 10.5120/9216-3767 },

publisher = {Foundation of Computer Science (FCS), NY, USA},

address = {New York, USA}

}

%0 Journal Article

%1 2024-02-06T21:00:49.968543+05:30

%A Leonard Makumbi

%A Evans K. Miriti

%A andrew M. Kahonge

%T An Analysis of Information Technology (IT) Security Practices: A Case Study of Kenyan Small and Medium Enterprises (SMEs) in the Financial Sector

%J International Journal of Computer Applications

%@ 0975-8887

%V 57

%N 18

%P 33-36

%D 2012

%I Foundation of Computer Science (FCS), NY, USA

Abstract

Organizations of all sizes are now significantly reliant upon information and communication technology for the performance of their business activities. They therefore need to ensure that their systems and data are appropriately protected against security threats. Unfortunately, however, there is evidence to suggest that security practices are not strongly upheld within small and medium enterprise environments. The purpose of this study was to investigate the information technology security practices in Small and Medium Enterprises (SMEs) in the financial sector in Kenya. In Particular, the study sought to identify the main perceived threats to information security in the organizations and the measures the organizations put in place to protect the information assets from these threats. The study tried to establish if the risk posed by security failures to the organization's operations was high based on their reliance in IT systems and if the security posture adopted by the organization reflected the level of risk. The study established that the SMEs studied were highly reliant on Information Technology for their business operations hence the risk posed by failure of IT security was high. The study found that the major perceived and experienced threats to security were viruses and system users. The study also found that in the SMEs, there were some attempts at securing the IT assets though these efforts were largely uncoordinated. The IT security role was frequently unassigned, or allocated to someone without appropriate qualification. Most organizations did not have a formally specified IT security budget although some security related expenditures were made.

References

Dojkovski, S. , Lichtenstein, S. , & Warren, M. J. (2007). Fostering Information Security Culture in Small and Medium Size Enterprises: An Interpretive Study in Australia. 15th European Conference on Information Systems, (pp. 1560-1571). St. Gallen, Switzerland.
Kimwele, M. , Mwangi, W. , & Kimani, S. (2010). Adoption of Information Technology Security: Case Study of Kenyan Small and Medum Entreprises (SMEs). Journal of Theoretical and Applied Information Technology, 18 (2).
Kothari, C. (2004). Research Methodology: Methods and Techniques. Delhi, India: New Age International (P) Ltd.
Microsoft. (2005). Security Guide for Small Business. Microsoft.
Soy, S. K. (2006). The Case Study as a Research Method. Retrieved Oct, 2012, from http://www. gslis. utexas. edu/~ssoy/usesusers/l391d1b. htm
Stoneburner, G. , Hayden, C. , & Feringa, a. A. (2004). Engineering Principles for Information Technology Security (A Baseline for Achieving Security), Revision A. National Institute of Standards and Technology.

Index Terms

Computer Science

Information Sciences

Keywords

SMEs Information Security Controls Threats ICT Kenya