Information Security Tools and Practices: What Works?

Publication
2004
Issue No. 8 - August
Abstract - Information Security Tools and Practices: What Works?

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Julie J.C.H. Ryan

Information Security Tools and Practices: What Works?

August 2004 (vol. 53 no. 8)

pp. 1060-1063

	ASCII Text	x
	Julie J.C.H. Ryan, "Information Security Tools and Practices: What Works?," IEEE Transactions on Computers, vol. 53, no. 8, pp. 1060-1063, August, 2004.

	BibTex	x
	@article{ 10.1109/TC.2004.45, author = {Julie J.C.H. Ryan}, title = {Information Security Tools and Practices: What Works?}, journal ={IEEE Transactions on Computers}, volume = {53}, number = {8}, issn = {0018-9340}, year = {2004}, pages = {1060-1063}, doi = {http://doi.ieeecomputersociety.org/10.1109/TC.2004.45}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - JOUR JO - IEEE Transactions on Computers TI - Information Security Tools and Practices: What Works? IS - 8 SN - 0018-9340 SP1060 EP1063 EPD - 1060-1063 A1 - Julie J.C.H. Ryan, PY - 2004 KW - Information security KW - computer security KW - access control KW - security technologies KW - best business practices KW - current business practices. VL - 53 JA - IEEE Transactions on Computers ER -

Julie J.C.H. Ryan

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TC.2004.45

Abstract—Much effort has been expended characterizing the threats and vulnerabilities associated with information security. The next step, analyzing experiences using security practices and tools, provides insight into what works and what appears to be unused or ineffective. This paper presents a brief analysis of data gathered from small businesses in the US regarding their experiences and practices. While the use of security-related tools is limited, there are some clear indicators that emerge from the analysis. Two critical inferences are that restrictive access control practices work to reduce problems and that the use of tools is related to a higher incident rate of problems. This may mean that those who experience problems are more likely to invest in control mechanisms.

[1] J. Kerstetter and J. Madden, Web Attacks Raise Chilling Questions for IT Zdnet eWeek, 11 Feb. 2000, http://www.zdnet.com/eweek/stories/general 0,11011,2436607,00.html.
[2] J.J.C.H. Ryan and T.I. Jefferson, The Use, Misuse, and Abuse of Statistics in Information Security Research Proc. 2003 ASEM Nat'l Conf. 2003.
[3] Small Business Administration, Small Business Administration Frequently Asked Questions http:/www.sba.gov/, Oct. 1999.
[4] Small Business Administration, Small Business Answer Card Office of Advocacy Small Business Answer Card,http://www.sba.gov/advo/statsec_anscd.html , Nov. 1999.

Index Terms:

Information security, computer security, access control, security technologies, best business practices, current business practices.

Citation:

Julie J.C.H. Ryan, "Information Security Tools and Practices: What Works?," IEEE Transactions on Computers, vol. 53, no. 8, pp. 1060-1063, Aug. 2004, doi:10.1109/TC.2004.45

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.

Print and Online Advertising Opportunities