At the moment, your system is connected to a network, where you
are benefiting from productivity-enhancing information
access services. Sending and receiving emails, browsing the
Internet via web browsers, and downloading data or program files are
a few of the most common activities.
These activities also expose systems to malicious code threats like
computer viruses and Trojans.
INFORMATION SECURITY MANAGEMENT
Security is everyones problem - sustainable outcomes
require behavioral change. It is no use securing all
electronic copies when it is possible to walk away with
a filing cabinet full of confidential material.
Threats:
Threats are increasing :- over the last few years IT Security has
gained increasing exposure in the popular media. Organisational
exposure has increased at the same exponential rate as development times
decrease to allow for quick roll-outs, and lower-end users gain permanent
high-bandwith connections.
|
|
MALICIOUS
|
ACCIDENTAL
|
|
Confidential
|
Espionage, Theft, Leak
|
Oversight, Breaches
|
|
Integrity
|
Fraud, Mischief
|
Errors, Failures
|
|
Availability
|
Sabotage, Vandalism
|
Breakdown, Disasters
|
Risk Management Approach:
Examine and weigh up the likelyhood and cosequences for all threats.
It is important not to misjudge the threats or to underestimate the
potential losses.
The objectives are to;
reduce the likelyhood of any given threat, as it is almost impossible to erradicate
reduce the impact of any given threat by minimizing the damage and allowing for ongoing risk management.
Pro-Active Management:
Within ed-IT we have a trend towards a Pro-Active Management
approach, rather than Reactive Management.
SECURITY FRAMEWORK
SECURITY: STANDARDS
SECURITY: POLICY
SECURITY: SECURING THE ENVIRONMENT (Solutions)
SECURITY: CURRENT ISSUES (Alerts)
REFERENCES
IT Security Resources are now located on their own page:
Security Links
|
