Explore BrainMass

Information security regimes in small-to-medium enterprises

This content was STOLEN from BrainMass.com - View the original, and get the already-completed solution here!

The comparison is strictly based on the following 2 areas
1) Security training and education
2) Physical security issues in Information security

Each area has about 300-400 words.

© BrainMass Inc. brainmass.com December 20, 2018, 5:54 am ad1c9bdddf

Solution Preview

Security training and Education
The purpose of information security training is to create awareness among users of potential risks of breaching information security. Training makes employees become proficient with specialized instruction and practice. In large organizations, employees directly impact information security risks. On the other hand in small organizations are too faced with the same threat. In small and medium-sized businesses a cyber attack can take them offline for a day and have a significant impact on their bottom line and could even put them out of business altogether.
For a large organization, security training is required for current employees; new employees within 60 days of hire; whenever there is a significant change in the organization's IT security environment or procedures, or when an employee enters a new position which deals with sensitive information. The training is conducted periodically as a refresher training based on the sensitivity of the information the employee handles. Large organizations have a framework for determining the training needs of particular categories of employees, including contractors. The training matrix consists of the various levels of training for different bands of employees.
Information security education in large organizations is mandatory for all employees. Education ...

Solution Summary

The expert examines the implementation for security regimes in small-to-medium enterprises.