Information security threats and practices in small businesses

Information Systems Management

Volumn 22, Issue 2, 2005, Pages 7-19

  Keller, Shannon ^a   Powell, Anne ^a   Horstmann, Ben ^b   Predmore, Chad ^b   Crawford, Matt ^c  

^a SOUTHERN ILLINOIS UNIVERSITY EDWARDSVILLE   (United States)

^b Korte Co   (United States)

^c NONE   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER NETWORKS; COMPUTER SOFTWARE; DATA PRIVACY; INDUSTRY; INFORMATION TECHNOLOGY; INTERCONNECTION NETWORKS; INTERNET; MANAGEMENT INFORMATION SYSTEMS; TELECOMMUNICATION SERVICES;

AMERICAN EXPRESS (CO); BUSINESS DATA; EMERGENCY ACTION PLAN (EAP); INTERCONNEVTIVITY;

SECURITY OF DATA;

EID: 15844405077     PISSN: 10580530     EISSN: None     Source Type: Journal    
DOI: 10.1201/1078/45099.22.2.20050301/87273.2     Document Type: Article

References (35)

1. Abu-Musa, Ahmad. 2004. Auditing E-Business:New Challenges for External Auditors. Journal of American Academy of Business, 4 (1):28–41.
2. American Express. 22 October 2002. OPEN Small Business Network Semi-Annual Monitor, Accessed 23 July 2004 http://home3.americanexpress.com/corp/latestnews/osbnm2002.asp
3. 25 August 2002. By-passing JavaScript Filters—The Flash! Attack. Eye on Security, Anonymous Accessed 27 July 2004 http://eyeonsecurity.org/papers/flash-xss.pdf
4. Berinato, Scott. 2003. FrankenPatch, 1CIO. November 1
5. Besnard, Denis, and Budi, Arief. 2004. Computer Security Impaired by Legitimate Users. Computers & Security, 23:253–264.
6. CiscoSystems. 2004. Security and VPN Solutions for Large Enterprises, Accessed 23 July 2004 http://www.cisco.com
7. Colias, Mike. 2004. Cyber Security. Hospitals and Health Networks, 78:60–64.
8. Desmond, Paul. 17 May 2004. All-Out Blitz against Web App Attacks. Network World Fusion, Accessed 1 June 2004 http://www.nwfusion. com/techinsider/2004/0517techinsidermain. html
9. Dubie, Denise. 25 November 2003. Symantec CEO Warns of New Threats. Network World Fusion, Accessed 25 July 2004 http://www. nwfusion.com/newsletters/ecomm/2003/1124ecom1.html
10. Erlanger, Leon. 2003. Top Five Myths about Safe Surfing. PC Magazine,:84 December 9
11. Ernst and Young. 9 July 2003. 2003 Global Information Security Survey, Accessed 24 July 2004 http://www.ey.com/global/Content.nsf/US/Issues_Perspectives_-_Library_-_Overview
12. Ernst and Young. September 2004. 2004 Global Information Security Survey, Accessed 18 October 2004 http://www.ey.com/global/content.nsf/us/issues_perspectives_-Library_-_Overview
13. Garfinkel, Simson. 2002. Firewall Follies. Technology Review, 105 (7):33
14. Gordon, Lawrence A., Loeb, Martin P., Lucyshyn, William, and Richardson, Robert. 2004. 2004 CSI/FBI Computer Crime and Security Survey, Computer Security Institute. Accessed 20 July 2004 http://www.gocsi.com/forms/fbi/pdf.html
15. Herbert, Jeff. 28 April 2003. Introducing Security to the Small Business Enterprise, Sans Institute. Accessed 24 July 2004 http://www.giac. org/practical/GSEC/Jeff_Herbert_GSEC.pdf
16. Hilley, Sarah. 2 October 2003. Virus Writers Faster to the Kill, Compsec Online. Accessed 25 July 2004 http://www.compseconline.com/analysis/031002.nesesymantecthreat.html
17. Kankanhalli, Atreyi, Teo, Hock-Hai, Tan, Bernard C.Y., and Wei, Kwok-Kee. 2003. An Integrative Study of Information Systems Security Effectiveness. International Journal of Information Management, 23:139–154.
18. Kotulic, Andrew, and Clark, Jan Guynes. May 2004. Why There Aren't More Information Security Research Studies. Information & Management, 41 (5):597–607.
19. Liu, Peng, Jajodia, Sushil, and McCollum, Catherine. 2000. Intrusion Confinement by Isolation in Information Systems. Journal of Computer Security, 8 (4):243–280.
20. Microsoft. 2004. Security Guidance Center for Small Businesses, Accessed 12 October 2004. http://www.microsoft.com/smallbusinesses/gtm/securityguidance/hub.mspx
21. Panko, Raymond R., 2003. Business Data Networks and Telecommunications, New Jersey:Prentice Hall.
22. Phillips, John. 2002. Privacy versus Cybersecurity. Information Management Journal, 36 (3):46–50.
23. Piazza, Peter. June 2004. Crime Fighters Cast Wide Net. Security Management, 48:119–126.
24. Post, Gerald, and Kagan, Albert. 2000. Management Tradeoffs in Anti-Virus Strategies. Information & Management, 37:13–24.
25. Robbins, Alexandra. 2004. The Virus Wars. PC Magazine, July 6:114
26. Schultz, Eugene. 2004. Security Training and Awareness—Fitting a Square Peg in a Round Hole. Computers & Security, 23:1–2.
27. Schwartz, Mathew. 21 July 2004. Eradicating Spyware in the Enterprise. Enterprise Systems, Accessed 22 July 2004 http://www.esj.com/News/article.asp?EditorialsID=1050
28. Stevens, David. 2003. Protecting Records. Information Management Journal, 37 (1):33–40.
29. Udell, Jon. 2002. Overlooked Best Practices. InfoWorld, 24 August 26:44
30. Vasaris, A. J., 2004. Testing Disaster Reocvery Plans. Digits, http://www.digits.com/articlss/backup—testing-disaster-recovery-plans.htm
31. Vroom, Cheryl, and Rossouw, vonSolms. 2004. Towards Information Security Behavioural Compliance. Computers & Security, 23:191–198.
32. Weafer, Vincent. 2002. Blended Threats. T.H.E. Journal, 30 (5):16
33. Wexler, Jonie. 2004. Sidebar:Security and QoS Lexicon. Computerworld, 38 January 19:40
34. White, Gayle Webb, and Pearson, Sheila. 2001. Controlling Corporate E-mail, PC Use and Computer Security. Information Management & Computer Security, 9 (2/3):88–92.
35. Whitman, Michael E., 2004. In Defense of the Realm:Understanding the Threats to Information Security. International Journal of Information Management, 24:43–57.