An assessment of security measures for electronic information resources in selected organizations in Nairobi

Abstract

The purpose of this study was to assess security measures in place for electronic information and its infrastructure in selected organizations in Nairobi. The main objectives for the study were: establishment of the status of current security measures for electronic information systems in selected organizations in Nairobi, to suggest a possible security policy for organizations dealing with Information Communication Technology and to identify possible solutions to the problems. Before assessing the measures, the researcher identified some specific threats that electronic information faces. The study found out that electronic information and infrastructure faces two broad types of threats: physical and logical. Physical threats are the vulnerabilities militating against electronic information because of physical weaknesses such as improper securing of the information facilities. Measures for this brand of threats are also physical e.g. construction of bomb proof buildings, keeping out of bounds any unauthorized personnel in and around the information communication technology main center, and 24 hour round the clock surveillance, etc. On the other hand, logical threats are system-oriented dangers, which cripple the operations of the information system. As technology stands today, anybody with a computer and a modem can have access to the Internet or the WWW, however, not everybody surfing the web has good intentions. Some are driven by ulterior motives such as stealing or destroying information