When you plan to keep information secure, you naturally begin to consider limiting access to the information. In fact, you can keep information secure if you just eliminate all access! However, the information system itself would be considered non-functional in this case. Instead, you need to allow the proper people the appropriate level of access […]
The main purpose of any organization’s Software/Systems Development Life Cycle (SDLC) plan is to outline the process it employs to design, develop, test, implement, and maintain high-quality software applications and systems with the goal to meet or exceed customer expectations. If you ever are asked to evaluate an organization’s (SDLC) plan, or to compose or […]
Protecting data integrity means assuring the accuracy and reliability of data during its immediate involvement in processing, as well as over its longer term lifecycle. It must be accounted for in the design, implementation, and usage of data in any system by implementing controls for data’s validity in processing, transit, and storage. The number and […]
Confidentially, in InfoSec, is the protection of information from unauthorized people and processes. It’s one of the three pillars of InfoSec’s CIA triad, along with integrity and availability. Ensuring confidentiality means taking adequate measures to ensure the protection of the secrecy of data objects, or resources. Note that it does not mean taking every measure […]
In viable information systems, data must be available when required by users. This mandates that all systems and subsystems tasked to serve the data for the user, including any security controls, must each be functioning correctly together. A “high availability” system is one that is supposed to serve its users at all times except for […]
Understanding Information Security (InfoSec) begins with comprehending three primary concepts: Confidentiality, Integrity, and Availability. In InfoSec, confidentiality, integrity, and availability are considered together and abbreviated as the CIA Triad. Since “CIA” can easily be confused as shorthand for the Central Intelligence Agency, and “Triad” may evoke the Trilateral Commission to some, it has become known […]
