A Framework to secure information and information technology assets in government Barnabas Kipchumba Sang a case study of ministry of education, Kenya
Contributor(s): Sevilla, Joseph (Dr.) [Supervissor].Publisher: Nairobi, Kenya Strathmore University 2010Description: xv, 204p.Subject(s): System Security | Data Protection | Computer Security | Network SecurityOnline resources: Click here to read the full-text thesis.
|Item type||Current location||Collection||Call number||Status||Date due||Barcode||Item holds|
|Thesis||Strathmore University (Main Library) Special Collection||Special Collection||QA76.9.A25S26 2010||Not for loan||87959|
|Thesis||Strathmore University (Main Library) Open Shelf||TH||QA76.9.A25S26 2010||Not for loan||75713|
Partial fulfillment for award of the degree of Master of Information Technology
Table of Contents
Insecurity of information and Information Technology (IT) assets in public sector needs urgent attention. As observed in this study, there is no strategy to guide Ministries and Government Departments secure information and IT assets despite increasing demand to have data and information accessible online.
This dissertation therefore proposes a framework that will help public institutions including Ministries and Government Departments setup comprehensive Information Technology (IT) security strategies to secure information and IT assets thus ensuring integrity and availability of information and/or services. The proposed framework is
flexible and allows for continuous improvement as security requirements change due
to new opportunities or challenges in the work environment.
In using the Ministry of Education as a case study, the IT Security Framework was
developed and tested with remarkable observation on security of information and IT assets. There is minimal disruption to online services due to impact of malicious code, better security of data and information through use of central user authentication and management, greater awareness and ownership by staff across all levels of operations.
It is clear that at the beginning of this research, a high percentage (73%) of information and IT assets were exposed to risk levels between high to extreme due to various threats. After six months of framework implementation, a major reduction of information and IT assets (26%) were found to be exposed to high risks levels.
The developed framework is flexible, easy to replicate and therefore, is highly recommended for use by any organization planning to secure its information and IT assets. Framework components and key strategies make an organization responsive to dynamic IT threats and risks to information and IT assets.