ITM 438 MOD 4 Case
.docx
keyboard_arrow_up
School
Trident University International *
*We aren’t endorsed by this school
Course
438
Subject
Information Systems
Date
Jan 9, 2024
Type
docx
Pages
6
Uploaded by adrianaamore14
1
Information Security Systems
Adriana M. Moreno
ITM 438 – Information Security Management and Assurance Trident University International Steve Gralewski
November 6, 2023
2
Information Security Systems
Information security is more important today than ever before. Technology is changing and
growing every single day, growing more sophisticated as time goes on. It seems that the easier or
more convenient life seems to get through the use of technology, the more compromised our
information seems to become. Information security, or INFOSEC, is an integral part of every
business or organization. It protects not only digital information, such as information that is
stored in the cloud for example, but also written or stored information as well, to include
proprietary information or even ideas. Businesses and organizations need to ensure they are
keeping not only their information secure, but also the information of their customers. It seems
that you hear of a data breach from a company that was hacked almost monthly, if not more
often. This compromises the integrity and the reputation of the company, as well as puts the
customers at risk for fraud, identity theft, and much more. INFOSEC practices make it possible
for businesses or organizations to keep data in the hands of those who need to access it, keep any
kind of deletion or modification of said data at bay. All this to say that INFOSEC is having to
adapt as often as the new technology dictates and changes as well.
3
Three Components of INFOSEC
There are three components or pillars which guide the INFOSEC within a business or organization, these are known as the CIA triad (Chai, 2023). The pillars are; confidentiality, integrity and availability. First is confidentiality, more specifically data confidentiality; this meaning that data within an organization is only accessible to those whom need to have access to
it, either a user or someone who needs access to information to complete their job to do what is needed (DOT Security, 2023). The next pillar is integrity; to ensure a company is keeping this pillar protected, they create systems to bolster their infrastructure by backing up data, and creating contingency plans in the event of a data breach, which are much more likely to occur these days (DOT Security, 2023). The final pillar is availability, or data availability. This refers to
the ability to access information when needed, by those whom are authorized to use it; such as after a data breach or an attack, the employees who need access to the information may not have it as soon as they need it, which can delay the productivity or even the profits of the company or organization (DOT Security, 2023). Differences in Laws and Ethics
In general, our society is guided by both laws and ethics; it is the bedrock on which a modern civilized life is built. Laws are defined as “rules that mandate or prohibit certain behavior in society” (University of Arkansas Grantham, n.a.). Every state, country, tribe or governing body has laws, they are all different but all aim to maintain some order among people on a daily basis. Laws are derived from ethics “which define socially acceptable behaviors” (University of Arkansas Grantham, n.a.), it is not socially acceptable to steal, therefore there are laws to prevent the act of theft for example, and those actions are prosecutable by law; the
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help