Information Security. Small and Medium Business. Information Security Model. Information Security Standards
The adoption of information security model, implementation of policies and fitness for any information security standard is rare for Small and Medium Enterprises (SMEs) because, often, the complexity of the rules. As these organizations contribute to much of the national economy, being the largest employers in Brazil, it was necessary to research ways to try to fill the gap. For this purpose the present study analyzed with real sample of 48 SMEs, through a questionnaire, which the vision of information security for SMEs and proposed a model simplifying controls 133 of ISO / IEC 27002 for just 22. This simplified model was , later also validated via questionnaire with ICT professionals in SMEs.
da Silva, Gonçalo Manoel Neto; Alencar, Gliner Dias; and Queiroz, Anderson Apolonio Lira, "Proposal for Simplified Security Model for Small and Medium Business" (2015). Proceedings of the XI Brazilian Symposium on Information Systems (SBSI 2015). 61.