Resources
What is Information Security?
- data is the raw stuff, unprocessed
- information is generally structured
- information assets are the whole package: it’s the data, as well as the system that manages/processes the data
NIST 800-59: The term 'information security' means protecting information and
information systems from unauthorized access, use, disclosure, disruption,
modification, or destruction in order to provide integrity, confidentiality, and
availability.
Information security
- Goal
- protection of the confidentiality, integrity, and availability of information assets (including information and the systems that house them)
- Approaches
- application of policy, awareness, training, education and technology
Information assets
Hardware
- computer
- devices (disk, drives, memory, printer, etc.)
- network gears, etc.
Software
- operating system
- utilities
- commercial applications
- self-made applications, etc.
Data