E-business security management for Australian micro SMEs - a case study

Small and Medium Business Enterprises (SMEs) make a significant contribution to the economic viability of the Australian economy. The benefits of performing business in an on-line environment has been realised by Australian SMEs as the use of the Internet for performing business activities both with consumers and other businesses continues to increase. The findings of an empirical study and other evidence available indicate the uptake and advancement of performing e-business activities shall be dependent on two key complementary elements: first, the ability of Australian SMEs to secure their e-business systems; and second, the availability of an approach to recommend a practical e-business security management strategy. This paper presents the results of a case study which applied a previously developed methodology to a micro SME e-business system. The purpose was to validate the ability of the Australian Small to Medium Enterprise E-business Security Methodology (ASME-EBSM) to provide an effective security management strategy for Australian SMEs. The outcome demonstrated that this approach was both feasible and realistic for providing recommendations to secure the e-business activities performed and to protect the micro SME e-business system.

E-business security management for Australian small SMEs - a case study

Small and Medium sized Enterprises (SMEs) play an important role within the Australian economy. There is a strong business case for Australian SMEs to be involved in e-business, which has been realised as the use of the Internet for performing business activities continues to increase. The evidence available indicates the uptake and advancement of performing e-business activities shall be dependent on the ability of Australian SMEs to secure their e-business systems. This paper presents the results of a case study, which applied a previously developed methodology to a small SME e-business system. The purpose was to validate the ability of the Australian Small to Medium Enterprise E-business Security Methodology (ASME-EBSM) to provide an effective security management strategy for Australian SMEs. The outcome demonstrated that this approach was both feasible and realistic for providing recommendations to secure the e-business activities performed and to protect the small SME e-business system.

The derivation of a conceptual model for outsourcing IT security

IT security outsourcing is the establishment of a contractual relationship with an outside vendor to assume responsibility for one or more security functions. Outsourcing in IS has had a variable history of success and the complexity of the decision making process leads to a substantial degree of uncertainty. This is especially so in the realm of IS security since the protection of both hardware and software systems in is placed in the hands of an external provider. This is the second paper discussing the improvement of the effectiveness of the decision making process by means of a conceptual model using Soft System Methodology techniques that integrates security benefits, costs and their respective performance measures. In this paper the methodology used to develop the model and its validation are discussed.

The derivation of a conceptual model for IT security outsourcing

IT security outsourcing is the establishment of a contractual relationship between an organization with an outside vendor which assumes responsibility for the organisation’s security functions. Outsourcing in IS has had a variable history of success and the complexity of the decision making process leads to a substantial degree of uncertainty. This is especially so in the realm of IS security since the protection of both hardware and software systems is placed in the hands of an external provider. This paper is a fuller and more comprehensive paper of a previous paper outlining the effectiveness of the decision making process by means of a conceptual model using Soft System Methodology techniques that integratessecurity benefits, costs and their respective performance measures. In this paper the methodology used to develop the model is discussed in detail.

Family, school, peer and individual influences on early adolescent alcohol use: first-year impact of the Resilient Families programme

Introduction and Aims:  This study aimed to examine: (a) the influence of family factors relative to school, peer and individual influences on the development of adolescent alcohol use during the first year of secondary school; and (b) the feasibility of preventing adolescent alcohol use by modifying family factors. Design and Methods:  Twenty-four schools in Melbourne, Australia were randomly assigned to either the 'Resilient Families' intervention or a control condition. A baseline cohort of 2315 grade 7 students (mean age 12.3 years) were followed-up one year later (n = 2128 for longitudinal analyses). A sub-set of parents (n = 1166) also returned baseline surveys. Results: The prevalence of lifetime alcohol use in year 7 was 33% and rose to 47% by year 8. Student-reported predictors of year 8 alcohol use included baseline alcohol [Odds Ratio (OR) 3.64] and tobacco use (2.68), and school friend's alcohol (1.41) and tobacco use (1.64). After adjusting for other influences, student-reported family factors were not maintained as significant predictors of year 8 alcohol use. Parent-report predictors of student-reported alcohol use included allowing alcohol use in the home (2.55), parental alcohol use (1.88) and child hyperactivity (1.85). Protective factors included attendance at brief parent education (0.60) and parent involvement in school education (0.65). Discussion and Conclusions: The intervention appeared to benefit education-related outcomes, but no overall effect in reducing student alcohol use was found in year 8. Intervention effects on alcohol misuse may become significant in later secondary school once the entire program has been implemented. Considerable alcohol use was detected in early secondary school,   suggesting that interventions to reduce alcohol use may be usefully implemented prior to this period.

Teaching practices for effective cooperative learning in an online learning environment (OLE)

As a teaching practice the application of cooperative learning in tertiary education can present unique challenges for both the practitioner and her students. Mastering this teaching approach requires careful planning, design and implementation for effective deployment in a face-to-face setting. In this setting the success of the cooperative learning approach has been demonstrated. The complexity is significantly increased by additional variables such as the selection and application of technological teaching tools and the change in nature of existing variables including awareness of students' social and communication skills when applying this practice in an Online Learning Environment (OLE). In addition student acceptance of this e-learning approach to learning also needs to be carefully considered. The practitioner must be aware of these factors and have suitable methods in place to support collaboration and interaction between student groups to ensure the ultimate goal with regard to students' learning is achieved. This paper considers how cooperative learning can be combined effectively with these variables and factors of an OLE, and begins with the presentation of a conceptual framework to represent this relationship as a constructive teaching practice. It is anticipated that the conceptual framework would be applied by other practitioners to facilitate cooperative teaching within their OLE. To demonstrate the validity of the framework a case scenario is provided using an Information Technology (IT) undergraduate unit named 'IT Practice'. This is a wholly online unit where extensive participation by the students within small groups is a core requirement. The paper demonstrates the themes of designing curriculum and assessment, as well as flexible teaching strategies for learner diversity but primarily concentrates on managing an effective OLE; that is managing small groups in an online teaching environment.

User perceptions and acceptance of benevolent worms - a matter of fear?

Worms and other forms of malware have been considered by IT Security firms and large companies for many years as one of the leading threats to the integrity of their data and security. However, several researchers over recent years have been working on creating worms which, instead of causing harm to machines which they infect, or the networks on which the machines reside, actually aid the network and systems administrators. Several uses of these worms have been proposed by these researchers, including, but not limited to, rapid remote patching of machines, network and system administration through use of their unique discovery and propagation methods, actively hunting, and defending against, other forms of malware such as "malevolent" worms, viruses, spyware, as well as increasing reliable communication of nodes in distributed computing. However, there has been no hint of commercial adoption of these worms, which one researcher has described as being due to a fear factor'. This paper concentrates on assessing and delivering the findings of user attitudes towards these worms in an attempt to find out how users feel about these worms, and to try and define and overcome the factors which might contribute to the fear factor'.

Evaluating the effectiveness of an e-business security methodology using a case study approach

The findings of three case studies resulting from the application of the Australian Small to Medium Enterprise E-business Security Methodology (ASME-EBSM) to each of the SME sectors comprising micro, small and medium businesses are examined. First a comparison of the findings relating to the SME sectors is discussed. The similarities and differences including the challenges experienced by the three sectors concerning the application of e-business security management within their respective e-business operational environments are presented. Second the process of applying the ASME-EBSM is reviewed with reflections upon the development and constituents of the methodology. The paper describes how a number of case studies were undertaken to validate the ASME-EBSM approach.

Attitudes of Australian information system managers against online attackers

Examines the attitudes of Australian IS/IT managers to the concept of cyber-vigilantism. Also, it explores the policies and procedures which have been set in place by various organisations to cope with concerted attacks on their systems. It finds that although a majority of managers do approve of the concept of “striking back”, only a minority are prepared for this eventuality. There appears to be complacency about the threats posed by organised, offensive attackers.