IT Security Strategies for SME's
Source: Hannam university
Small and Medium Enterprises (SMEs) is leaning more on their Information Technology (IT) infrastructure but they lack the means to secure it appropriately due to financial restrictions, limited resources, and adequate know-how. Many SME managers believe that IT security in their company is basically equivalent to having a firewall and updating the antivirus software regularly. Strategic policies, information theft, business continuity, access controls, and many other aspects are only dealt with in case of security incidents. To improve security in a company holistically, four levels (organizational level, workflow level, information level, and technical level) need to be addressed. Parts of existing standards are useful to address issues on the organizational level; Pipkin's approach is especially useful for SMEs.