Information Assurance

We rattling and conduct business in an restless asymmetric threat environment. An individual, business or fundamental law mustiness adapt and treasure its springy culture assets and critical digital infrastructure. Failure to do so is foolhardy and may be considered as an limpid lack of collectable diligence for the great unwashed who have fiduciary and custodial responsibilities. some(prenominal) event that causes damage to information resources, whether it is a computer virus, natural disaster or system failure could be desolate to an individual (i.e. identity theft), company, its clients, suppliers and shareholders. Failing to do so may threaten the excerpt of the company itself.An information system credentials br all(prenominal) could result in undecomposed financial losses, the disclosure of protected mystic information, loss of investigate and development data or fines by regulatory agencies. losses due to intrusions into an information system could negativ ely affect the general public (i.e. actor failures). This might result in dear(p) class action lawsuits that could exceed an memorial tablets capacity to pay and result in its dissolution. up to now an individual might be sued for default and be financially ruined.So how should an organization or person protect its worthful digital processing infrastructure? A business should establish and implement a comprehensive information assurance plan. Individuals should at least address the constituents of a maestro information assurance plan. Doing so is recite that the infrastructure owners are attempting to practice due diligence.An information assurance plan for an organization should be formalized and approved in the organizations policies and have the following components Confidentiality, one, availableness, Accountability and Non-Repudiation.Lets before long examine eachA. Confidentiality refers to restricting entre to data, information or to any component of the digital processing infrastructure unless at that place is a Need for an individual to be able to access it. The need must be aligned with an employees job requirements and the military commission of the organization. Strong confidentiality prevents the disclosure of sensitive records, research and development information.B. Integrity refers to maintaining the validity and reliableness of information that is to be used for decision-making. An information infrastructure that has integrity can be depended upon when making decisions. The information is otherwise useless. Integrity must be aggressively assured.C. Availability is that characteristic of information, which assures that critical information is bushel for access precisely when, and where it is requisite and to whom it is needed so that decisions can be made. Computers and networks must be protected to assure that mission critical data is on legislate when needed.D. Accountability refers to the idea of assigning righteousness t o an individual or group of individuals for each part of the digital processing infrastructure. each time the information infrastructure is accessed someone needs to be responsible for its safe and legitimate use. Otherwise the system is move over to serious security breaches.E. Non-Repudiation is that component of information assurance that guarantees each party to a transaction is bound to its results. E-commerce, for example, would be unworkable without provisions for assuring that a customer actually made a purchase.Maintaining the confidentiality, integrity, availability and non-repudiation of the information processing infrastructure is vital to the survival of an organization.