Security requirements, risks and recommendations for small enterprise and home-office environments

Information Management and Computer Security

Volumn 7, Issue 3-4, 1999, Pages 121-128

  Spinellis, D ^a   Kokolakis, S ^b   Gritzalis, S ^a  

^a UNIVERSITY OF THE AEGEAN   (Greece)

^b ATHENS UNIVERSITY OF ECONOMICS AND BUSINESS   (Greece)

Author keywords

Recommendations; Risk; Risk management; Security; Small firms

Indexed keywords

EID: 0003168891     PISSN: 09685227     EISSN: None     Source Type: Journal    
DOI: 10.1108/09685229910371071     Document Type: Article

References (14)

1. Bangemann Committee (1994), Europe and the Global Information Society: Report of the High Level Group on the Information Society (Bangemann Report), Commission of the EU, Brussels.
2. Commission of the European Communities (1993a), Glossary of information systems security, DGXIII, INFOSEC Programme/ S2001.
3. Commission of the European Communities (1993b), Risk analysis methods database, DGXIII, INFOSEC Programme/S2014/WP08.
4. Dubois, E. and Wu, S. (1996), "A framework for dealing with and specifying security requirements in information systems", in Katsikas, S.K. and Gritzalis, D. (Eds), Information Systems Security: Facing the Information Society of the 21st Century, Chapman-Hall, pp. 88-99.
5. Eloff, H.P., Labuschagne, L. and Badenhorst, K.P. (1993), "A comparative framework for risk analysis methods", Computers and Security, Vol. 12 No. 6, pp. 597-603.
6. Gritzalis, S., Aggelis, G. and Spinellis, D. (1999), "Architectures for secure portable executable content", Internet Research Journal, Vol. 9 No. 1, pp. 16-24.
7. Hinde, S. (1998), "Recent security surveys", Computers and Security, Vol. 17 No. 3, pp. 207-10.
8. ISO/IEC/JTC1 (1996), Information Technology - Security Techniques - Guidelines for the Management of IT Security, GMITS, ISO/IEC DTR13335.
9. Kaba, E. (1996), The NCSA Guide to Enterprise Security: Protecting Information Assets, McGraw-Hill.
10. Rohm, A., Pernul, G. and Herrmann, G. (1998), "Modelling secure and fair electronic commerce", Proceedings of the 14th Annual Computer Security Applications Conference, IEEE Computer Press, pp. 155-64.
11. UK Audit Commission (1998), Ghost in the Machine-An Analysis of IT Fraud and Abuse, The Audit Commission, UK.
12. United Kingdom Central Computer and Telecommunication Agency (1996), CCTA Risk Analysis and Management Method: User Manual, version 3.0 edition, HMSO, London.
13. Warren, M.J. and Furnell, S.M. (1998), "Electronic commerce: winners and losers", Proceedings of the INC'98 1st International Network Conference, University of Plymouth, pp. 197-202.
14. Wilsher, E.G. and Kurth, H. (1996), "Security assurance in Information systems", in Katsikas, S.K. and Gritzalis, D. (Eds), Information Systems Security: Facing the Information Society of the 21st Century, Chapman-Hall, pp. 74-87.