jump to navigation

Information Security, what to protect? September 16, 2008

Posted by Abdurahman in technology.
Tags: , ,
1 comment so far

For some institution(business, government etc.) they need to secure their information from outside threat. This threat could be from anywhere. It can be from either from outside or inside. They are not trying to protect the hardware. When the hardware is broken or stolen, you still can find its replacement on the market; They also not trying to protect their software, its always can be reinstalled again, even it takes time. It is the information they were trying to protect. Information of their customer, civilian records, financial records. Most of it are stored within popular office format such as Word, Excel, Access or even in database like MySql, PostgreSQL, Oracle or any popular database vendors.

Here I’m trying to describe what is the key concept how to secure this kind of information.

1. Confidentiality

Confidentiality means that you are trying to protect some information from unauthorized access, such as hackers, crackers, and any people/subject that don’t have rights to access sort of information you have.

2. Integrity

Even it’s protected, you have to ensure that your information is not altered by mistake or accidents. So the information need to be authorized first before you can make some changes on it.

3. Availability

It’s useless if you are protected something but that information is not available to you when you need it.

 

Those key concept are well known as CIA concept. I will adding more key concept in my next post.