Skip to Main Content
Article navigation
Volume 7, Issue 3
1 August 1999
This article was originally published in
Information Management & Computer Security
Information Management & Computer Security Cover Image for Volume 7, Issue 3
Case Report| August 01 1999

Security requirements, risks and recommendations for small enterprise and home‐office environments Available to Purchase

D. Spinellis;
D. Spinellis
Department of Information and Communication Systems, University of the Aegean, Karlobasi, Greece
Search for other works by this author on:
This Site
PubMed
Google Scholar
S. Kokolakis;
S. Kokolakis
Department of Informatics, Athens University of Economics and Business (AUEB), Athens, Greece
Search for other works by this author on:
This Site
PubMed
Google Scholar
S. Gritzalis
S. Gritzalis
Department of Information and Communication Systems, University of the Aegean, Karlobasi, Greece
Search for other works by this author on:
This Site
PubMed
Google Scholar
Author & Article Information
Publisher: Emerald Publishing
Online ISSN: 1758-5805
Print ISSN: 0968-5227
© MCB UP Limited
1999
Information Management & Computer Security (1999) 7 (3): 121–128.
https://doi.org/10.1108/09685229910371071

The pervasive use of information technology in enterprises of every size and the emergence of widely deployed ubiquitous networking technologies have brought with them a widening need for security. Information system security policy development must begin with a thorough analysis of sensitivity and criticality. Risk analysis methodologies, like CRAMM, provide the ability to analyse and manage the associated risks. By performing a risk analysis on a typical small enterprise and a home‐office set‐up the article identifies the risks associated with availability, confidentiality, and integrity requirements. Although both environments share weaknesses and security requirements with larger enterprises, the risk management approaches required are different in nature and scale. Their implementation requires co‐operation between end users, network service providers, and software vendors.

Keywords:
Risk, Risk management, Small firms, Security, Recommendations
© MCB UP Limited
1999
You do not currently have access to this content.
Don't already have an account? Register

Purchased this content as a guest? Enter your email address to restore access.

Please enter valid email address.
Email address must be 94 characters or fewer.
Pay-Per-View Access
$41.00
Rental
This article is also available for rental through DeepDyve. Read this now at DeepDyve
1,250 Views
View Metrics
Leadership styles and information security policy compliance intentions: the mediating role of psychological empowerment
Cognitive dissonance in cybersecurity – a review and research agenda
Users’ activity logs: the good, the bad, the misconception and the disastrous
Guest editorial: HAISA 2024 special issue

Suggested Reading

Risk identification – basic stage in risk management
Environmental Management and Health (August,2002)
The techniques of risk analysis are insufficient in themselves
Disaster Prevention and Management: An International Journal (August,1997)
Application of systems thinking to risk management:: a review of the literature
Management Decision (December,1995)
There’s no such thing as a risk‐free project
The Antidote (July,2000)
Five things an FD needs to know about the insurance market
Balance Sheet (December,2002)

Related Chapters

Individual Risk Perceptions and Behavior
Contemporary Issues in Social Science
Enterprise Risk Management in Portugal
Enterprise Risk Management in Europe
What We Can Do Right Now: What Needs Further Research?
The School to Prison Pipeline: The Role of Culture and Discipline in School

Recommended for you

These recommendations are informed by your reading behaviors and indicated interests.

Cited By

Google Scholar
This Feature Is Available To Subscribers Only

or Create an Account

Close Modal
Close Modal