Abstract

Cybercrimes poses a great threat to the information security in small and medium enterprises, even technologically 
developed countries they face they also are also not left behind; it is important to understand the different types of 
crimes that affect the small and medium enterprises. Information security user demeanor is seemly growing attacks 
to their enterprise information security.  The research used two objectives that is to assess the information security 
issues experienced in small and medium enterprise in east Africa, to examine the current security measures used by 
the sme’s small and medium enterprise in east Africa. This paper used the descriptive survey; with 48 respondents 
the questionnaires were employed to collect primary data from the field. The finds show that it shows that 29.2% 
strongly agree that there is loss of data while on transit, 31.3% agree, that amount to 60.4% who strongly and agree. 
While 20.8% are neutral,14.6 disagree, strongly disagree 4.2%, Risk of unauthorized access by insiders and 
outsiders with a mean of 2.3958 and a standard deviation of 1.066670 implies that most respondents strongly agree 
that data is being corrupted with virus. Risk of deliberate act of information access and use with a mean of 2.3542 
and a standard deviation of 1.02084. the conclusion, Confidentiality and privacy concerns were identified as an 
associated concern with security issues in sme’s. Encryption is suggested as a better solution to secure information. 
Before storing data in cloud server and other storage devices, it is better to encrypt data. Data Owner can give 
permission to particular group member such that data can be easily accessed by them.