Evaluation of the level of IT security deployed in the higher education institutes of the RIT II network
DOI:
https://doi.org/10.37431/conectividad.v4i1.49Keywords:
Technological security, security policies, higher technological institutes of Ecuador, identification of vulnerabilities, risk analysisAbstract
The objective of this investigation is to determine a baseline on the reality of information security (SI) in the institutes of higher education of the RIT II network, for which the information obtained through the application of an evaluation based on good practices related to the level of information security was analyzed. The objective is to identify the vulnerabilities presented by the institutes and categorize them according to their level of risk, in order to establish an adequate management and subsequent treatment with the development of policies and controls to minimize the impact in case of a security event. The deductive method and exploratory research were applied to examine the information obtained from the surveys generated using the ISO/IEC 27001:2013 – 27002:2013 framework. This analysis was able to determine the most critical vulnerabilities to which the educational institutions under study are exposed, evidencing that the security index of the analyzed institutions is moderately acceptable in their security objectives, as well as the lack of appropriation of referential security frameworks, raising the risk of security incidents.
Published
How to Cite
Issue
Section
License
The originals published in this journal's printed and electronic editions are the property of the Instituto Superior Tecnológico Universitario Rumiñahui. Therefore, citing the source in any partial or total reproduction is necessary. All the contents of the electronic journal are distributed under a Creative Commons Attribution-Noncommercial 4.0 International (CC-BY-NC 4.0) license.
2.png){kind=logo}
