Why Does Information Security Concern My Company?
Evaluate the following statements for your own
situation to determine if your company information
is safe.
- My company is confident that our
web server is located in a safe place and managed
by well-trained people.
- My company has a clear policy on
who is allowed to access to what kinds of information.
- My company has designated personnel
for information security, upgrades, backups
and maintenance.
- My company uses security tools such
as firewalls and encryption.
- My company has plans for emergency
response and disaster recovery, and these plans
are regularly reviewed.
If you answered "no" to any of the
these questions, then information security in
your company may have a number of security 'holes'
that may be vulnerable to threats.
Examples of Threats and Related Security Concerns
| |
Security
Concern Affected |
|
|
Confidentiality |
Integrity |
Availability |
| Denial
of Service Attack |
|
|
* |
| Power
Supply Failure |
|
|
* |
| Malicious
Code Infection |
* |
* |
* |
| Theft
and Fraud |
* |
|
* |
| Website
Intrusion |
* |
* |
* |
| Unauthorised
Data Access |
* |
* |
|
Addressing and taking care of security holes
is not necessarily a complicated and costly process.
First you need to set the scope of security management
required in your company. Look at the risk acceptance
level of your company as you determine the scale
of security management that meets your business
needs.
Refer to the Information
Security Management section for more details
on the concept and process of security management
in corporate environments.
|
English
