Management of Information Security
Information, like other valuable business assets must
also be considered an asset and should be protected against all types of
threats. You know that security breaches aren't just happening online.
Implementing the right set of controls, such as
policies, procedures and organizational structures, to meet the security
objectives of an organization, is how information security can be achieved.
Information Security covers a variety of important concepts. It involves the
protection of information as well as the processes, systems, and procedures
that relate to its management and use.
Security is not assured by information security.
Information security is not a guarantee of security. However, it provides a
reference point and framework for management to implement appropriate security
controls. Qnap españa also raises awareness about users' responsibilities in relation to
information security.
The CIA is an acronym for the CIA's objectives in
information security.
1.
Confidentiality:
To ensure information is only accessible to authorized users.
2.
Accessibility: To
make sure that authorized users have the information they need and to support
them with systems, processes and networks.
3.
Integrity: To
ensure the accuracy and completeness information and related processing
methods.
These are the areas where the policies or guidelines
will be needed for information security management.
Careless talk
Talking about business, office and employees is called
careless talk. It can also include discussing business with people you don't
know. Also, careless talk is when sensitive information is given inadvertently
to someone for a particular purpose. This is known as Social Engineering.
Guideline for email security
Email is an essential business tool in any
organization's communication system. Email security, confidentiality, and
integrity cannot be guaranteed. Email should not be treated as private. This is
why you must act professionally and properly at all times. You should not send
sensitive or confidential information via email if you don't have encryption
approval.
Guideline for instant messaging
Instant Messaging (IM) is a communication tool that
allows for instant messaging and two-way communication. It is impossible to
guarantee the security and integrity of IM. Instant Messaging is not a good way
to share sensitive business information or personal information.
Guideline for Internet Policy
Internet access should not only be available to the
highest-level users within an organization. Users are expected to behave
professionally and responsibly while using the Internet. The internet users can
be monitored both internally and externally. These actions can be traced back
at the computer that was used. To support the business, it is important to
develop a policy or guidelines in this area.
Guideline for laptop security
To support mobile workers, all organizations have
laptops. The laptops are valuable organizational assets that contain sensitive
business information and work files.
Guideline for office security
Although the office and corporate premises have many
security measures in place, staff must be vigilant. Security guidelines should
be created to manage strangers at work, assets, clear desks, secure faxing,
photocopying, and ensure virus scanning.
Guideline for password security
A strong password is one that cannot be guessed. This
includes a combination of upper/lowercase, 8 characters minimum, and so forth.
It is important to be familiar with common passwords that are easy for others
to guess. A password that is easy to guess is one that is closely related to
someone's everyday life or that could easily be determined.
Secure media handling
All media that needs to be thrown out must be securely
destroyed. Media can contain information about organizations that cannot be
accessed by unauthorized people. It is important to establish a guideline for
managing media securely.
Spam security
Spam email is annoying for everyone who receives it.
It often contains pornography and offensive ads unsolicited. As an anti-spam
tool, a regulation, a guideline or policy should be created.
Virus Security
You might be mistaken if you believe you are immune to virus infection due to the antivirus scanning programs that are installed on corporate IT systems. Every week, hundreds or even thousands of new viruses are introduced to the wild.
Comments
Post a Comment