E-business security strategies for SMEs

The major barriers to the Implementation of electronic commerce by businesses globally arc well understood. These comprise security and pnvacy issues, the lack of established regulations governing commercial behaviour and liability, and the lack of universally accepted standards. In this article. we focus on the security concerns of Australian SMEs. Medium, and especially small, enterprises are hindered in the implementation of communications security technology by a lack of expertize and a poor understandmg of the services and resources available to them. As a response to this situation, we examme the facilities avallable to Australian SMEs which help them to make reasonable e- secunty decisions as part of an overall e-busmess strategy. We demonstrate that there are sufficient resources at appropnate levels of availability to enable small and medium Australian enterprises to implement communicatlons security effectively.

Mcommerce - a vision in time

Global mCommerce revenues are expected to grow from $400 million in 2000, to 22.2 billion by 2005 (Raczkowski, 2002) mCommerce is a key driver in developing the global information society, with applications emerging in numerous areas including banking, financial services, security services and shopping (Khalifa and Cheng, 2002). With optimistic projections regarding its growth, many researchers are actively determining the future of mCommerce. In this paper, we have tried to synthesise some predictions and evolving definitions, explored security as a critical impediment and developing solutions; investigated the mPayment scenario; and derived a futuristic research framework. Specifically, we have attempted to capture the moving mCommerce scenario in present time, with a special focus into mPayments.

The tri-dimensional role of information security in E-business : a managerial perspective

The effective management of information and its associated infrastructure is critical in electronic business. Failure to exercise due diligence in information assurance and security may lead to lost revenue or business opportunities, brand and reputation erosion, adverse media publicity, scrutiny from consumer advocates and even lawsuits. Traditionally, information security was approached in terms of goals. Yet, the goalsoriented approach may be a flawed one. In this paper, we adopt a conceptual analytical approach and propose a tri-dimensional understanding of information security in electronic business. Our approach can help managers better understand and communicate the information security’s role in e-business and the inter-dependencies between business and legal requirements, for devising the goals, objectives and policies relevant to their organization.

An empirical study of e-business security in Geelong small to medium business enterprises (SMEs)

This paper delivers the findings from a study conducted to investigate Australian SMEs and e-business security. The study established the attitudes and concerns of a sample of Australian Small and Medium-sized Enterprises (SMEs) towards the use of e-business within their operational environment using the members of the Geelong Chamber of Commerce as a base for survey participants. The results focus on e-business security and identifying mechanisms that SMEs use to safeguard their e-business systems.

Health information security evaluation: continued development of an object-oriented method

With the convergence of paper to electronic, the health industry is relying more on technology to maintain and update the well-being of patients. This reliance on technology requires an acute level of protection from
unwanted technological disasters and/or human threats. Research shows insufficiencies with the implementation and use of security controls; as well as current analysis methods lacking the techniques to analyse technical and social aspects of security. The aim of this paper is to introduce an information security evaluation methodology for health information systems based on UML.

Employee development strategies in the B2C banking environment: two Australian case studies

The implementation of technology and, in particular, eCommerce technologies has had unforeseen consequences for the relationship between managers and employees. To be able to operate in an increasingly global and competitive environment, retail banks have had to develop new ways of dealing with their employees. Issues have arisen that have necessitated a rethink in the way employees interact with customers and this, in turn, has required changes to human resource strategies. The question we address in this paper is what are the employee capabilities and qualities retail banks must develop to satisfy both more sophisticated customers (who demand flexibility of interactions, responsiveness and convenience) as well as the organisation’s own needs (including expanded sales opportunities, cost containment or reduction and customer loyalty) when implementing eCommerce technologies. The paper discusses two case studies illustrating some of the issues with which banks, as service organisations, have had to deal. These two banks have taken rather different approaches in their use of technology to interact with their customers and this has implications for the way they manage their employees who deal with those customers.

The road to internet banking: understanding emerging customer issues

This paper presents findings from an empirical study of banking customer experiences with the adoption of Internet banking. Using a qualitative, interpretive grounded theory approach and single and group interviews, the study explores customer perceptions and experiences and provides an understanding of how and why specific factors affect their decision whether or not to bank on the Internet in the current era. The findings are used to develop a theoretical framework which conceptualizes and links consumer issues influencing the adoption of this application, and we also provide a set of recommendations for banks. Specifically, the findings suggest that convenience – in particular, time savings – is the major motivator to bank on the Internet, while there are a range of other influential factors which could be modulated by banks. The results also highlight increasing online risk acceptance by customers and the growing importance of deep levels of customer support for online services. Key gender differences in attitudes to Internet banking are highlighted. This study suggests that organizations will improve their management of customer attitudes to new Internet service applications by understanding the need to proactively address customer fears and misconceptions about the technologies involved.

Benchmarking e-business security : a model and framework

The dynamic nature of threats and vulnerabilities within the E-business environment can impede online functionality, compromise organisational or customer information, contravene security implementations and thereby undermine online customer confidence. To negate these problems, E-business security has to become proactive, by reviewing and continuously improving security to strengthen E-business security measures and policies. This can be achieved through benchmarking the security measures and policies utilised within the Ebusiness, against recognised information technology (IT) and information security (IS) security standards.

A framework for merging inconsistent beliefs in security protocol analysis

This paper proposes a framework for merging inconsistent beliefs in the analysis of security protocols. The merge application is a procedure of computing the inferred beliefs of message sources and resolving the conflicts among the sources. Some security properties of secure messages are used to ensure the correctness of authentication of messages. Several instances are presented, and demonstrate our method is useful in resolving inconsistent beliefs in secure messages.

The multifaceted and ever-changing directions of information security - Australia get ready!

In recent years, we have witnessed many information security developmental trends. As a consequence, the dimensions of information security - once single disciplinary area - have become multifaceted and convoluted. This paper aims to (1) recapitulate these key developments: (2) argue that the emergence of many complex information security dimensions are the result of 'constant change agents' (CCAs); (3) discuss the implications on Australia's society, i. e. government, companies and individuals; and (4) propose key consideration areas and possible solutions thereof. We hope that the discussion presented here will position Australia to make better aligned information security and strategic plans, such as choosing appropriate investments and adopting effective solutions to strengthen and secure Australia's national information security posture.

Understanding transition towards information security culture change

Transitioning towards an information security culture for organisations has not been adequately explored in the current security and management literature. Many authors have proposed how information security culture can be created, fostered and managed within organisations, but have failed to adequately address the transition process towards information security culture change, particularly for small medium enterprises (SMEs). This paper aims to (1) recapitulate key developments and trends within information security culture literature; (2) explore in detail the transition process towards organisational change; (3) adapt the transition process with respects to the key players involved in transition and propose a transition model for information security culture change; and (4) consider how this model could be used by managers and employees of Australian SMEs. A major intention of this paper is to provide academic researchers and practicing managers with an understanding of the transition process towards achieving information security culture change within SMEs.