Security policies for mobile devices in the management of information in SMEs
Article Sidebar
Main Article Content
Abstract
Introduction. Currently mobile devices provide great advantages for information management, if they are used within a company, it becomes a versatile tool, but, as well as offering advantages, there is also the other side in terms of security as it must maintain integrity, confidentiality, and availability of information. Knowing that in Ecuador approximately 4.39% are SMEs and that in Riobamba almost 354 are, and since there is no mobile culture in the organization of the company, it is necessary to implement strategies that promote the correct use of mobile devices to support business activity. Objective. Improve security in SMEs by implementing security policies on mobile devices for the safe handling of information. Methodology. A SWOT analysis was carried out where the strengths and weaknesses of the company with respect to the management of information through mobile devices were identified, processes were established from the surveys carried out to the members of the company, the necessary security policies were drawn up to solve the shortcomings that arose, the policies developed were implemented and the validity and effectiveness of these policies in the company was verified. Results. The implemented policies increased the integrity of the data transmission through mobile devices, it went from 13.64% to 86.36%, the confidentiality of the data to 36.36% since before the application of the policies it did not exist, availability was obtained 18.18% on mobile devices, since previously information was obtained from these. Conclusion. The security policies on mobile devices for the safe handling of the information shared with the personnel allowed the improvement in the security of the company according to its initial situation.
Downloads
Article Details
References
Baz, A., Ferrerira, I., Álvarez, M., & García, R. (2013). Dispositivos móviles. E.P.S.I.G : Ingeniería de Telecomunicación - Universidad de Oviedo, 1-12.
Betancur, O., & Eraso, S. (2015). Seguridad en Dispositivos Móviles Android. Perú: UNAD.
Carrasco, S. (2015). Análisis de la aplicación de la tecnología móvil en las empresas.
Castro, A., Guantiva, G., & Zárate, R. (2015). Guía de Políticas de Seguridad para dispoisitivos móviles en Pequeñas y Medianas Empresas. Bogotá: Universidad Católica de Colombia-Facultad de Ingeniería.
D'Angelo, G., Ferretti, S., Ghini, V., & Panzieri, F. (2014). Mobile Computing in Digital Ecosystems: Design Issues and Challenges. Cornell University.
INEN, (2016). Servicio Ecuatoriano de Normalización. Obtenido de buzon/normas/nte_inen_iso_iec_27000.pdf
ISO. (2019). ISO 27002. Obtenido de http://iso27000.es/iso27002.html
Macías, M. A. (2016). Marco conceptual de la computación móvil.
Ramos, P. (2011). Seguridad móvil: consejos y vulnerabilidades. Obtenido de WELIVESECURITY.
Siniša Husnjak, I. F. (2016). Preferences of Smartphone Users in Mobile to WI-FI Data Traffic Offload. Simpozijum o novim tehnologijama u poštanskom i telekomunikacionom.
Slusarczyk, M. (2015). Diagnóstico de aplicación de las NTIC en lsa PYMES de Riobamba-Ecuador. 3C TIC, 145-168.
Solarte, F. (2015). Metodología de análisis y evaluación de riesgos aplicados a la seguridad informática y de información bajo la norma ISO/IEC 27001. Revista Tecnológica-ESPOL.
Vieites, A. (2017). Enciclopedia de la seguridad informática. Madrid: RA-MA, S.A. Editorial y Publicaciones.
Vizuete, J. (2020). «Implementación de políticas de seguridad en dispositivos móviles para el manejo de la información en PYMES». ESPOCH, Riobamba.