Professional Documents
Culture Documents
Unit 7
Unit 7
three main areas of accountability regarding information security. When discussing each area,
We are living in a world where information is free. Everybody can access almost any subject
on the internet, just typing in Google search few words. We are subscribing to websites
without paying attention to the Terms and Conditions and our private data is sold to interested
companies.
This became a big issue on the world wide web and recently, important measures are taken to
It is important to restrict the information that is private. Confidentiality is at risk and this
The three main areas of accountability regarding information security are confidentiality,
integrity, governance.
Confidentiality
reaching the wrong people while making sure that the right people can get
This is very important because information is power and in the wrong hands, it can harm
people. High confidential measures are taken and also improved to protect personal
information, bank accounts, credit cards and other private documents. If someone wants to
keep a secret, even if it is stored somewhere online, that person should have this option.
The data that is categorized as confidential is classified by the risk and the damage that could
Examples
• One way to protect the date is through encryption. Encryption implies that only some
people who have a “key” can read encrypted information. This is one of the most common
years, more and more websites ask for this type of authentication, ensuring the
• Another example is security tokens. Many banks adopted this measure. The token has a
private username and code and in order to use it, the user has to generate a password that is
active for only five minutes. If the user inserts the username and the code wrong for three
• Another measurement that I encourage is protecting the devices we use. If, for example, a
Mac user will activate the device from a different IP, he will receive a message on the
Integrity
valuable and the integrity is supposed to maintain the accuracy of information and
trustworthiness if the data. People hired to protect the integrity and confidentiality of the data
have to be very vigilant and spot the hackers and their attempt to steal the info in the incipient
phase.
Examples
• If the information is altered from the original, it could return in money loss. If someone
tries to send funds and the name of the receiver is altered in the process, the initial user will
lose the funds and probably the bank will lose the customer for poor measurements
information.
Governance
Governance refers to the responsibilities and practices of the board and executive
clear.
Examples
• Set priorities
chapter/chapter-6-information-systems-security/
Read "Computers at Risk: Safe Computing in the Information Age" at NAP.edu. (n.d.).
What is confidentiality, integrity, and availability (CIA triad)? - Definition from WhatIs.com.
availability-CIA
Confidentiality, Integrity, Availability: The three components of the CIA Triad. (n.d.).
availability-the-three-components-of-the-cia-triad/