Page 7 - index
P. 7
RESEARCH, ANALYSIS & TRENDS
Besides all these guidelines, let’s make a note that IT ized changes; and constant availability is of course re-
security will never be a static process but dynamic, de- quired to fight threats that violate the protection goals of
pending on the technical developments. At times, when IT security and can lead to damage.
there were just a few mainframe computers that were
served exclusively by experts, IT security hardly played Cryptography, as well as its follow-up mechanisms, are
a role - and if so, mainly focused on the physical protec- of course the basics, besides antivirus programs, which
tion of access to the system. But with the increase in detect known viruses, worms and Trojans, and prevent
electronic representations, networking, and control of their execution. Still, despite all these protection mech-
real processes in information systems, the scope of the anisms, technically not all attacks can be completely
term "IT security" expanded and influenced the type of blocked, since we have to consider human mistakes
required security mechanisms, too. and social engineering tactics, such as phishing at-
tacks, too.
Quite obviously, IT security has different aspects, which
is why it is crucial to clarify systematically and in detail Security is an ongoing process of exercising due care
what has to be protected, what threats exist and can be and due diligence to protect information and systems
carried out, based on what security gaps and vulnerabil- from unauthorized access, use, disclosure, destruction,
ities are there. In fact, the three mentioned protection modification, disruption or distribution. It is a never end-
goals can always serve as useful guideline: Confidenti- ing process that involves ongoing training, assessment,
ality aims to hide information and resources (e.g., man- monitoring and review, since it is an indispensable part
ufacturing data, record communications) from prying of all the business operations across different domains.
eyes; integrity focuses on the intactness of information ◊
and resources and aims to protect them from unauthor-
By Daniela La Marca
MediaBUZZ Pte Ltd - Independant ePublisher for Asia
Besides all these guidelines, let’s make a note that IT ized changes; and constant availability is of course re-
security will never be a static process but dynamic, de- quired to fight threats that violate the protection goals of
pending on the technical developments. At times, when IT security and can lead to damage.
there were just a few mainframe computers that were
served exclusively by experts, IT security hardly played Cryptography, as well as its follow-up mechanisms, are
a role - and if so, mainly focused on the physical protec- of course the basics, besides antivirus programs, which
tion of access to the system. But with the increase in detect known viruses, worms and Trojans, and prevent
electronic representations, networking, and control of their execution. Still, despite all these protection mech-
real processes in information systems, the scope of the anisms, technically not all attacks can be completely
term "IT security" expanded and influenced the type of blocked, since we have to consider human mistakes
required security mechanisms, too. and social engineering tactics, such as phishing at-
tacks, too.
Quite obviously, IT security has different aspects, which
is why it is crucial to clarify systematically and in detail Security is an ongoing process of exercising due care
what has to be protected, what threats exist and can be and due diligence to protect information and systems
carried out, based on what security gaps and vulnerabil- from unauthorized access, use, disclosure, destruction,
ities are there. In fact, the three mentioned protection modification, disruption or distribution. It is a never end-
goals can always serve as useful guideline: Confidenti- ing process that involves ongoing training, assessment,
ality aims to hide information and resources (e.g., man- monitoring and review, since it is an indispensable part
ufacturing data, record communications) from prying of all the business operations across different domains.
eyes; integrity focuses on the intactness of information ◊
and resources and aims to protect them from unauthor-
By Daniela La Marca
MediaBUZZ Pte Ltd - Independant ePublisher for Asia
