As we have learned this week in chapter 3 of Information Security for Non-Technical Managers, information security standards is defined as consisting of three elements: "The preservation of confidentiality: ensuring that information can only be accessed by those authorized to do so", "Maintaining integrity: safeguarding the accuracy and completeness of information and that no unauthorized changes are made" and "Ensuring availability: ensuring that authorized parties can access information when required." (Gelbstein, 2013) These comprise the three main areas of accountability regarding information security. Accountability is a vital information security concept. The word means that every person that works with an information system should have certain responsibilities for information assurance. The duties for which a person is responsible
…show more content…
When we speak about confidentiality of information, we speak about protecting the information from exposure to unauthorized groups. Information is extremely valuable, especially nowadays. For example, personal information, like bank account statements and credit card numbers or even government documents or some trade secrets people would definitely like to keep secret. Protecting information as such is a crucial part of information security.
A key element in protecting information confidentiality has to be encryption. Encryption guarantees that only the right individuals, who have the key, can access the information. Encryption is extremely widespread in today’s world and takes part in most of the major protocols in use. A noteworthy example would be SSL-TLS, a security protocol for communications on the internet that is being used together with a huge number of internet protocols to guarantee security.
Other ways to guarantee information confidentiality consist of: enforcing file permissions and implementing access control lists to restrict admission to sensitive
When we speak about confidentiality of information, we speak about protecting the information from exposure to unauthorized groups. Information is extremely valuable, especially nowadays. For example, personal information, like bank account statements and credit card numbers or even government documents or some trade secrets people would definitely like to keep secret. Protecting information as such is a crucial part of information security.
A key element in protecting information confidentiality has to be encryption. Encryption guarantees that only the right individuals, who have the key, can access the information. Encryption is extremely widespread in today’s world and takes part in most of the major protocols in use. A noteworthy example would be SSL-TLS, a security protocol for communications on the internet that is being used together with a huge number of internet protocols to guarantee security.
Other ways to guarantee information confidentiality consist of: enforcing file permissions and implementing access control lists to restrict admission to sensitive