University of Tasmania

File(s) under permanent embargo

An investigative report into security policies of SME's in Australia

posted on 2023-05-26, 17:44 authored by Lim, Jehn
Advances in technology have facilitated a new form of business opportunity: ecommerce. In the rush to join in on e-commerce activities, many companies fail to recognise the importance of security in this on-line business environment. This lack of attention to security was reflected in the Global Information Security Survey 2002 conducted by Ernst & Young. The survey found that 91% of businesses in Australia reported that their critical business systems are increasingly being interrupted. This is high compared to the global measure of 75%. SMEs are equally as susceptible to information security attacks as large corporations. However, SMEs do not normally have the abundant resources of larger corporations so the damage inflicted by security infringements will be greater. In Australia, it is essential that SMEs are aware of the importance of implementing stringent security measures since these enterprises account for nearly 50% of the total Gross Domestic Product and 35% of exports in APEC member economies. The aim of this research is to inform small medium enterprises (SMEs) of the risks they might face as a result of \e-commercialising\" their business activities. A secondary objective is to offer advice on how SMEs can protect their operations through the implementation of a security policy. To achieve these objectives this research will investigate the current security environment of SMEs throughout Australia. This research study adopted a quantitative approach. It was an empirical study that used mail survey questionnaires to collect data. These were sent out to a randomly selected group of SMEs from the five states and two territories of Australia proper. A number of hypotheses were tested. As a result it was found that although a minority of SMEs are knowledgeable on security issues and practice them the majority of them still do not have proper security policies in place. In other words the level of security stringency is indirectly proportional to the level of computer security infringement. Future research could include the investigation of the relation between security threat and the preferred security technologies of SMEs to protect against such threats. An investigation could be tested on the effectiveness of network security technologies against such threats. Finally the preference of network security technologies could be researched across countries or through a period of time."


Publication status

  • Unpublished

Rights statement

Copyright 2002 the Author - The University is continuing to endeavour to trace the copyright owner(s) and in the meantime this item has been reproduced here in good faith. We would be pleased to hear from the copyright owner(s). Thesis (M.I.S.)--University of Tasmania, 2002. Includes bibliographical references

Repository Status

  • Restricted

Usage metrics

    Thesis collection


    No categories selected


    Ref. manager