中小企业视角下的IT服务管理

2016 10th International Conference on the Quality of Information and Communications Technology (QUATIC) Pub Date : 2016-09-01 DOI:10.1109/QUATIC.2016.053

Mehdi Panjwani, M. Jäntti, Juuso Sormunen

{"title":"中小企业视角下的IT服务管理","authors":"Mehdi Panjwani, M. Jäntti, Juuso Sormunen","doi":"10.1109/QUATIC.2016.053","DOIUrl":null,"url":null,"abstract":"Most of the existing information security management studies focus on information security of large organizations preventing security threats. However, a security management perspective of a small and medium-sized (SME) company is relatively different. Small and medium sized companies are at a greater risk because they cannot afford expensive tools. They lack process improvement capabilities and effort that can be spent on security management is limited. Due to limited budget, they cannot invest heavily in the IT service infrastructure and IT manpower. They become easy targets for cyber criminals and they can be easily victimized as they lack the resources compared to larger companies. Malicious internet content also becomes one of the major security concerns. Therefore, this study aims to answer the research problem: How small and mediumsized organizations perform IT security management. The main contribution of the paper is to capture information security management challenges from an SME's viewpoint and provide solutions to tackle these challenges. This paper aims to improve information security management of SMEs. From IT Service management perspective, the case study research approach was utilized in the study.","PeriodicalId":157671,"journal":{"name":"2016 10th International Conference on the Quality of Information and Communications Technology (QUATIC)","volume":"34 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"IT Service Management from a Perspective of Small and Medium Sized Companies\",\"authors\":\"Mehdi Panjwani, M. Jäntti, Juuso Sormunen\",\"doi\":\"10.1109/QUATIC.2016.053\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Most of the existing information security management studies focus on information security of large organizations preventing security threats. However, a security management perspective of a small and medium-sized (SME) company is relatively different. Small and medium sized companies are at a greater risk because they cannot afford expensive tools. They lack process improvement capabilities and effort that can be spent on security management is limited. Due to limited budget, they cannot invest heavily in the IT service infrastructure and IT manpower. They become easy targets for cyber criminals and they can be easily victimized as they lack the resources compared to larger companies. Malicious internet content also becomes one of the major security concerns. Therefore, this study aims to answer the research problem: How small and mediumsized organizations perform IT security management. The main contribution of the paper is to capture information security management challenges from an SME's viewpoint and provide solutions to tackle these challenges. This paper aims to improve information security management of SMEs. From IT Service management perspective, the case study research approach was utilized in the study.\",\"PeriodicalId\":157671,\"journal\":{\"name\":\"2016 10th International Conference on the Quality of Information and Communications Technology (QUATIC)\",\"volume\":\"34 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 10th International Conference on the Quality of Information and Communications Technology (QUATIC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/QUATIC.2016.053\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 10th International Conference on the Quality of Information and Communications Technology (QUATIC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/QUATIC.2016.053","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

现有的信息安全管理研究大多侧重于大型组织的信息安全防范安全威胁。然而，中小企业的安全管理观点相对不同。中小型企业的风险更大，因为它们负担不起昂贵的工具。他们缺乏过程改进能力，并且可以用于安全管理的工作是有限的。由于预算有限，他们无法在IT服务基础设施和IT人力方面投入大量资金。他们很容易成为网络罪犯的目标，而且与大公司相比，他们缺乏资源，很容易成为受害者。恶意互联网内容也成为主要的安全问题之一。因此，本研究旨在回答研究问题:中小企业如何进行IT安全管理。本文的主要贡献是从中小企业的角度捕捉信息安全管理的挑战，并提供解决这些挑战的解决方案。本文旨在提高中小企业的信息安全管理水平。本研究从IT服务管理的角度出发，采用案例研究的方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

IT Service Management from a Perspective of Small and Medium Sized Companies

Most of the existing information security management studies focus on information security of large organizations preventing security threats. However, a security management perspective of a small and medium-sized (SME) company is relatively different. Small and medium sized companies are at a greater risk because they cannot afford expensive tools. They lack process improvement capabilities and effort that can be spent on security management is limited. Due to limited budget, they cannot invest heavily in the IT service infrastructure and IT manpower. They become easy targets for cyber criminals and they can be easily victimized as they lack the resources compared to larger companies. Malicious internet content also becomes one of the major security concerns. Therefore, this study aims to answer the research problem: How small and mediumsized organizations perform IT security management. The main contribution of the paper is to capture information security management challenges from an SME's viewpoint and provide solutions to tackle these challenges. This paper aims to improve information security management of SMEs. From IT Service management perspective, the case study research approach was utilized in the study.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2016 10th International Conference on the Quality of Information and Communications Technology (QUATIC)

自引率

0.00%

发文量