Organizational it security for Sri Lankan organizations

Abstract

Information Technology is used and practiced as a support service for business operations across all Sri Lankan organization categories of each scale. IT Security is considered as an important aspect in relation to the IT environments of these organizations. Five concepts of security are defined in the research study as, Computer Systems Security, Physical and Environmental Security, Network Security, Procedural and Operational Security and IT Security for End Users and Clients. IT Security approaches, requirements and issues in Sri Lankan organizations, related to the defined security concepts are identified and analyzed. Literature to support the observations and results, are discussed and included in the study. Based on the analysis and literature study, a Security Model is developed to address the identified issues and requirements on IT Security structure of Sri Lankan organizations. Some recommendations and future enhancements are also mentioned and discussed.