| dc.description |
Information and Communication Technology (ICT) is increasingly becoming an integral part of our work, social, political, business, and private lives. Terminology such as mobile banking, mobile money, e-learning, e-procurement, e-commerce, e-ticketing, social media, Internet, blogs, intranet, extranet, e-books, telemedicine, web portal, management information systems, decision support systems, and the like are quite common in our daily lives. The fundamental element behind all these is ICT. The benefits of ICT are enormous and, indeed, ICT is continually affecting our day-to-day lives in a positive manner. Enhanced efficiency, effectiveness, transparency and operational costs reduction are some of the benefits of ICT. Despite the innumerable benefits of using ICT based tools and systems to support our business operations, there are numerous, yet ubiquitous security risks, threats and vulnerabilities associated with the adoption and deployment of ICT. As a result, private users, enterprises, business entities, educational institutions, government and non-governmental institutions are always in dilemma upon deciding which security mechanisms to go for, why and how to do it. This paper provides insight on how to overcome this challenge by presenting fundamental principles on how to properly determine your information security requirements and decide on suitable and cost effective security mechanisms in a given context. |
|