Wednesday, March 26, 2014

Information Security - what is it?

In an effort to address issues raised in our recent IT customer satisfaction survey, I decided to dust off some old information security blog entries, update ‘em, and once again provide you with important security tips.

Computer security may seem to throw unnecessary roadblocks into your daily routines in RSU #20: password protected networks, admin logins required for installations, website blocks. Key to effective information security is awareness. This information security blog, as part of our new RSU #20 technology blog, is designed to raise awareness of information security. It is also designed to provide you and our students with tools and skills to manage information security.

First, I would like to once again recommend a basic, easy-to-read booklet on computer security. It is titled "Computer Security: 20 Things Every Employee Should Know," ISBN-10 # 0-07-226282-6, ISBN-13 # 978-0072262827, and published by McGraw-Hill Professional Education. The cost is about $8.00. It is available in print and e-book format. This booklet is a few years old now, but is still relevant. It contains basic security information and is written for the non-geek. It is not full of technical jargon and drives home the importance of maintaining computer security.

There are three fundamental principles in effective information security: Confidentiality, Integrity, and Availability. In the information security (infosec) field, we refer to this as the C-I-A triad. Confidentiality implies a trust or a feeling of assurance. In infosec, this is ensuring data is not disclosed to unauthorized persons. Integrity is defined as, "a rigid adherence to a standard of values." In infosec, data integrity is the reliability that information received is in an identical state to when it was last accessed by an authorized person. Availability describes access to data by authorized users. Infosec attempts to balance confidentiality and integrity with availability. It is a fine line and sometimes we (IT) err on the side of caution.

The C-I-A triad forms the base for information security. Your role in information security is vital. Security is similar to a chain and is only as strong as the weakest link. When working with data (digital, verbal, or written), we, as employees, present a vulnerability to that data. To have an effective information security program, we all must be aware of our responsibilities.
Here is a bit more on C-I-A & infosec:
