The document discusses security and information security. It defines security as protection from danger and information security as protecting information, systems, and hardware. It notes that organizations use multilayered security involving physical, personnel, operations, communications, network, and information security. Information is a highly valuable asset that needs to be protected from unauthorized access, as leakage can be dangerous for organizations and governments. The document also discusses bottom-up and top-down approaches to implementing information security.
2. A general definition of security is to being in
the state of security – to be free from any
kind of danger.
In other words, security is protection against
adversaries – from those who would harm,
intentionally or otherwise.
www.HelpWithAssignment.com
3. Today, we can observe the concept of
security in almost every place.
The most common forms of security is a
uni-layered or uni-faceted system.
But in case of organizations or the nation as
such, resort to a multilayered system.
www.HelpWithAssignment.com
4. Some of the most common forms of
securities that can be found in many
organizations include
◦ Physical security
◦ Personnel security
◦ Operations security
◦ Communications security
◦ Network security
◦ Information security
www.HelpWithAssignment.com
5. Information Security according to the
Committee on National Security Systems,
defines information security as the protection
of information and its critical elements,
including the systems and hardware that use,
store and transmit that information.
www.HelpWithAssignment.com
6. Here the importance of information must be
acknowledged.
Information is one of the most valued assets
today.
It is because of the characteristics it
possesses.
www.HelpWithAssignment.com
7. Information needs to be protected from
unauthorized access. Information leakage can
be dangerous for many organizations.
Sometimes, information relating to the
internal affairs of an organization may be
leaked.
www.HelpWithAssignment.com
8. Such information may include the decision to
implement a new type of cost cutting system,
the financial information of the organization,
the list of customers and their financial
information, research and development
information, information regarding a new
product line, etc.
www.HelpWithAssignment.com
9. Loosing such information can prove to be
very costly for an organization.
In case of government, key and strategic
information is of utmost importance.
www.HelpWithAssignment.com
10. Sometimes, information about national
security can be at stake.
Such information can include the list of
weapons, testing of new weapons, key and
strategic places where weapons are stored,
etc.
www.HelpWithAssignment.com
11. All these kinds of information must be
protected.
This calls for information security approaches
which can be implemented. This will include
www.HelpWithAssignment.com
12. A Bottom-Up approach is the best suited
approach for implementing a very good
security system.
One of the biggest advantages of this system
is that the system or the network
administrators who are using this system will
implement a security system at the grass-
root level.
www.HelpWithAssignment.com
13. This can enhance the information security of
the concern. The administrators who possess
in-depth knowledge of the system will
implement a right security system which
would be apt for the organization in terms of
their level of operations. In a way, they can
help in customizing the security system.
www.HelpWithAssignment.com
14. Some of the characteristics that information
possesses include availability, accuracy,
authenticity, confidentiality, integrity, utility,
possession, etc.
Information Security Principles are framed by
every organization. These Information
Security Principles give out security protocols
for securing information.
www.HelpWithAssignment.com
15. In Top-Down approach, the higher
management of the organization will issue
policy, procedures and processes to
implement the type of security in the
organization. This type of information
security will have its own advantages.
www.HelpWithAssignment.com
16. The top level management will consult
experts before implementing any such
system.
Experts in the field can forecast future
contingencies and will help in preparing for
enhanced security procedures which will stop
infiltrators from not only entering into the
systems in the present, but also in the future.
www.HelpWithAssignment.com
17. This will also mean that the information
security will be constantly monitored and
improvements in the same will be undertaken
on a regular basis.
www.HelpWithAssignment.com
18. For further details on IT Security, visit our
websites at
http://www.helpwithassignment.com/IT_Secu
rity_Assignment_Help and
http://www.helpwiththesis.com
www.HelpWithAssignment.com