An investigation into information security practices implemented by Research and Educational Network of Uganda (RENU) member institution

Kisakye, Alex

Title: An investigation into information security practices implemented by Research and Educational Network of Uganda (RENU) member institution
Creator: Kisakye, Alex
ThesisAdvisor: Irwin, Barry Vivian William
Subject: Research and Educational Network of Uganda
Subject: Computer security -- Education (Higher) -- Uganda
Subject: Computer networks -- Security measures -- Education (Higher) -- Uganda
Subject: Management -- Computer network resources -- Education (Higher) -- Uganda
Subject: Computer hackers
Date: 2012
Date: 2012-11-06
Type: Thesis
Type: Masters
Type: MSc
Identifier: vital:4586
Identifier: http://hdl.handle.net/10962/d1004748
Identifier: Research and Educational Network of Uganda
Identifier: Computer security -- Education (Higher) -- Uganda
Identifier: Computer networks -- Security measures -- Education (Higher) -- Uganda
Identifier: Management -- Computer network resources -- Education (Higher) -- Uganda
Identifier: Computer hackers
Description: Educational institutions are known to be at the heart of complex computing systems in any region in which they exist, especially in Africa. The existence of high end computing power, often connected to the Internet and to research network grids, makes educational institutions soft targets for attackers. Attackers of such networks are normally either looking to exploit the large computing resources available for use in secondary attacks or to steal Intellectual Property (IP) from the research networks to which the institutions belong. Universities also store a lot of information about their current students and staff population as well as alumni ranging from personal to financial information. Unauthorized access to such information violates statutory requirement of the law and could grossly tarnish the institutions name not to mention cost the institution a lot of money during post-incident activities. The purpose of this study was to investigate the information security practices that have been put in place by Research and Education Network of Uganda (RENU) member institutions to safeguard institutional data and systems from both internal and external security threats. The study was conducted on six member institutions in three phases, between the months of May and July 2011 in Uganda. Phase One involved the use of a customised quantitative questionnaire tool. The tool - originally developed by information security governance task-force of EDUCAUSE - was customised for use in Uganda. Phase Two involved the use of a qualitative interview guide in a sessions between the investigator and respondents. Results show that institutions rely heavily on Information and Communication Technology (ICT) systems and services and that all institutions had already acquired more than three information systems and had acquired and implemented some of the cutting edge equipment and systems in their data centres. Further results show that institutions have established ICT departments although staff have not been trained in information security. All institutions interviewed have ICT policies although only a few have carried out policy sensitization and awareness campaigns for their staff and students.
Description: TeX
Format: 110 p., pdf
Publisher: Rhodes University, Faculty of Science, Computer Science
Language: English
Rights: Kisakye, Alex

Hits: 1261
Visitors: 1378
Downloads: 141

Collections

RU Department of Computer Science

		Thumbnail	File	Description	Size	Format
View Details Download			SOURCEPDF	PDF	1 MB	Adobe Acrobat PDF	View Details Download