Abstract
small and medium-sized enterprises (SMEs) have developed rapidly, occupying a large proportion in the entire economic market, and providing a large number of employment opportunities. These SMEs not only present opportunities for economic growth for most countries but also offer great potential for innovation and the use of information technology. Crucial to most large and small enterprises is the current ubiquity and proliferation of technology usage at various levels of enterprise operations. Taking cognisance of information and network security, the proper network management of technology is essential specifically for SMEs because there are considerations and challenges that SMEs face that is different from large organisations. Many SMEs lack resources and experience when implementing network security protection planning and implementation. This study explores this concern in depth by considering different approaches regarding how SMEs network their operations. Using the Grounded Theory (GT) approach, this study developed a taxonomy of the network security management approaches common to SMEs with the aim of SME network security management improvement. Using theoretical sampling approach, qualitative data from IT practitioners from South Africa and China, working in SMEs was obtained for this purpose. A substantive theory grounded in data from those involved in the SMEs’ practices is presented. The implications for the application of the substantive theory are discussed.
Keywords: Network Security Management, SMEs, Grounded Theory.