Essay Example on Computer Systems Security Foundations

Computer Systems Security Foundations
Unit 1 DB2: Introduction to Information Security
CS651 1801A 01
Instructor: Dr. Gregory Gleghorn
January 5, 2017

Article: Understanding the fundamentals of information security

This article was written by Richard Nosek of Imagex on the blog page of the Imagex website on May 5, 2017. The article sums up what information security is about. The combination of human activity and technology provides an elaborate and systematic plan of action for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information. Protecting the Confidentiality, Integrity and Accessibility of data in an organization will go a long way toward ensuring the security of an information system.

The continued evolution of cyberspace brings new threats to people and organizations. People need to protect their privacy. Businesses and organizations are responsible for protecting both their intellectual property and any personal or private data they handle. Information is the bits and pieces of material gathered about something or someone. This data is not limited to credit card information alone. It can be details of a client project, medical record numbers, social security numbers, insurance policy numbers, security and investment account numbers, or information that is stored when someone creates a user profile, including corporate intellectual property. Security simply means being safe and protected from threats. Information security, in essence, is the protection of someone's data.

Information can be classified under the following standards, depending on the organization, business or individual:

- Public
- Internal
- Confidential
- Special Confidential

Public is information that is available to the public and does not require any special handling.

Internal can be categorized as data shared within your organization that should not be disclosed outside the organization. It will likely have some level of access control applied to govern access to such information.

Confidential data can comprise general information about a customer and will have access control in place so that it is available only to a specific audience.

Special Confidential information is not only confidential but has a higher degree of sensitivity around to whom and how access is granted.

There are three fundamental principles of information security, or ways in which information security can be seen. These three principles are also called the CIA triad of information security and are known as a model for security policy development: Confidentiality, Integrity and Availability.

CONFIDENTIALITY

Confidentiality is a common term that means guarding information from everyone except those with a right to it. It is really about privacy. This principle is to keep information hidden and make it accessible only to people who are authorized to access it. For example, your medical history is something you want to keep private, and only a few people, such as your doctor, should have access to it. Another example is a doctor calling you by your full name in the reception area of a medical clinic. Your full name is considered confidential. Cryptographic techniques to hide confidential data and strict access control are used to help ensure information is kept confidential. Examples of such controls are:

1. Conducting annual security awareness training for employees
2. Putting an IT security policy framework in place
3. Designing a layered security solution for an IT infrastructure
4. Performing periodic security risk assessments and audits

INTEGRITY

Integrity deals with the validity and accuracy of data and the reliability of data or information in your system. One of the things an intruder attempts to do is make unauthorized modifications or changes to data stored in a system. For example, when a hacking attack happens on an e-commerce website and the hacker modifies the shipping postal code, the integrity of the banking records has been compromised.

AVAILABILITY

Availability is a common term in everyday life. In the context of information security, availability is generally expressed as the amount of time users can use a system, application and data. Availability means that the people with authorization have access to information when they need it. A loss of availability is, for example, an interruption in an authorized user's access to information. One cause of interruption that most people are familiar with is a hacker taking down a website with a DDoS attack.

Typically, these three principles play a significant role in information system security, whether for a small business, a large government body or a publicly traded corporation. Most IT infrastructures consist of seven domains: the User, Workstation, LAN, LAN-to-WAN, WAN, Remote Access and System/Application domains. Each of these domains requires proper security controls that meet the requirements of the three principles of the CIA triad, and each requires the use of strategies to reduce risks, threats and vulnerabilities. IT security policy frameworks can help organizations reduce risk. I also learned that data classification standards provide organizations with a road map for ways to handle different types of data.

Reference

Nosek, Richard (May 5, 2017). Understanding the Fundamental of Information Security. Retrieved from internet source: http imagexmedia com blog 2017 05 understanding fundamentals information security

David K., Michael G. (October 15, 2016). Fundamentals of Information Systems Security, 3rd Edition. Retrieved from internet source: http proquestcombo safaribooksonline com proxy cecybrary com book networking security 9781284116465 chapter 1information systems security
