{"title":"Managing information security on a shoestring budget","authors":"V. Sridhar, B. Bhasker","doi":"10.4018/978-1-59140-061-5.CH010","DOIUrl":null,"url":null,"abstract":"As organizations continue to deploy mission-critical, network-centric information systems, managing the security of such systems has become very critical. Building and managing such security infrastructure can be potentially very expensive, especially for small and medium-sized organizations. The Indian Institute of Management, Lucknow (IIML), the premier teaching and research business school in India, embarked on implementing a robust security management infrastructure with a limited budget on hand. The case examines, how IIML successfully implemented the security infrastructure by appropriately developing security policies and selecting a proper combination of freeware and proprietary software components. Since security management is not a one-time activity and uses intensive technology, a careful analysis is required to assess whether the maintenance of the security infrastructure can be done in-house or outsourced. The case illustrates the trade-offs involved and presents experiences of IIML in outsourcing the post-implementation phase to a Security Service Provider. The case also highlights the challenges organizations face while implementing freeware security products and outsourcing security services.","PeriodicalId":43384,"journal":{"name":"Journal of Cases on Information Technology","volume":"5 1","pages":"151-167"},"PeriodicalIF":0.7000,"publicationDate":"2003-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cases on Information Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/978-1-59140-061-5.CH010","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 5
Abstract
As organizations continue to deploy mission-critical, network-centric information systems, managing the security of such systems has become very critical. Building and managing such security infrastructure can be potentially very expensive, especially for small and medium-sized organizations. The Indian Institute of Management, Lucknow (IIML), the premier teaching and research business school in India, embarked on implementing a robust security management infrastructure with a limited budget on hand. The case examines, how IIML successfully implemented the security infrastructure by appropriately developing security policies and selecting a proper combination of freeware and proprietary software components. Since security management is not a one-time activity and uses intensive technology, a careful analysis is required to assess whether the maintenance of the security infrastructure can be done in-house or outsourced. The case illustrates the trade-offs involved and presents experiences of IIML in outsourcing the post-implementation phase to a Security Service Provider. The case also highlights the challenges organizations face while implementing freeware security products and outsourcing security services.
期刊介绍:
JCIT documents comprehensive, real-life cases based on individual, organizational and societal experiences related to the utilization and management of information technology. Cases published in JCIT deal with a wide variety of organizations such as businesses, government organizations, educational institutions, libraries, non-profit organizations. Additionally, cases published in JCIT report not only successful utilization of IT applications, but also failures and mismanagement of IT resources and applications.