Do you know about - Confidentiality, Integrity, Availability and What it Means to You
Recovery Database Network! Again, for I know. Ready to share new things that are useful. You and your friends.Confidentiality
What I said. It is not outcome that the actual about Recovery Database Network. You look at this article for facts about an individual want to know is Recovery Database Network.How is Confidentiality, Integrity, Availability and What it Means to You
Confidentiality is ensuring that information is accessible only to those authorized to have access, regardless of where the information is stored or how it is accessed. Each worker within an organization has the accountability to verbalize the confidentiality of the information entrusted to them for job operation and this accountability must be reinforced through awareness. An awareness training agenda should address at the minimum, the following confidentiality topics to ensure an approved level of knowledge is imparted upon organization employees.
a. entrance Control
Access operate is any mechanism used for controlling which resources a user can entrance and the tasks which can be performed with the accessed resources. Passwords and biometrics are two methods of entrance operate that can be used individually or in compound to petite entrance to resources.
b. Passwords
Passwords and their safekeeping are a basic element of law and network security and are of key interest to hackers. An intruder in the organization's physical area may check under keyboards and in drawers to find passwords that have been written down and then use it to gain entrance to underground information. Password security can be augmented by further security measures such as smart cards and biometric identification systems. Employees need to be instructed on password creation and handling best practices.
c. Biometrics
Biometric technology can recognize individuals based on the physical characteristics of human body parts. The former biometric technologies in use are retina scanning, facial recognition, voice recognition, and fingerprint scanning. A sample is submitted by a user requesting entrance and compared to a database for a match with entrance permissions. Biometric information is difficult to duplicate and when used in conjunction other entrance methods such as passwords and badges creates a very good defense against unauthorized entrance to organizational resources.
d. Encryption
Encryption is any process that converts readable (plaintext) data into underground code (ciphertext) to preclude unauthorized disclosure of the information. It can be used in Internet transactions, e-mail, and wireless networking. An encryption algorithm is a mathematical course that scrambles information to make it unreadable to unauthorized parties. Encryption has come to be the foundation of securing networks, communications systems, and online transactions. Employees should apply encryption whenever potential to ensure security.
e. Privacy
Privacy is the stoppage of confidential or personal information from being viewed by unauthorized parties and the operate over its collection, use, and distribution. The terms privacy and confidentiality can be used interchangeably. Maintenance of privacy is primary to preclude unauthorized disclosure which can lead to identity theft or other issues.
f. Ethics
Employees should be given clear instruction, via policy, on what the organization considers approved behavior and should also be informed of the processes in place for clarification of ethical concerns and for disclosure of unethical activities.
Data Integrity
Data Integrity is defined as safeguarding the accuracy and completeness of information and processing methods from intentional, unauthorized, or accidental changes. Maintaining data integrity is primary to the privacy, security, and reliability of business data. Integrity of data can be compromised by malicious users, hackers, software errors, computer virus infections, hardware component failures, and by human error in entering or transferring data. Mitigating data integrity risks can allow for rapid recovery of data. Employees can mitigate risk by quarterly data backups and off-site derive storage of backup media, integrity monitoring tools, and encryption.
a. Configuration Management
Configuration or convert management is a process to introduce changes into an information technology environment. convert in an environment can introduce new vulnerabilities and by the process of configuration management changes can be implemented in a documented, systematic, monitored, and reversible manner. Formalized configuration management processes should be implemented by organizations and followed by employees.
b. Configuration Auditing
Configuration auditing involves the verification that only approved changes have been made to systems. Auditing also verifies that the configuration management procedures are adhered to by employees and that all settings are documented. Auditing to actively monitor systems and log changes for reconciliation with configuration management documentation can be performed whether manually or automated with the use of specialized systems.
Availability
Availability is ensuring that authorized users have entrance to information and associated assets when required. This can be terminated utilizing data backup plans, disaster recovery plans, and business continuity/recovery plans. Employees should be trained in their responsibilities as it relates to data backups, disaster recovery, and business continuity.
a. Data Backup Plan
Data backups are an primary part of information security and an organization must be able to restore data in the event of data corruption or hardware failure. Backups should be done on a quarterly basis and the frequency is dependent upon how much data an organization is willing to lose in the event of loss (Recovery Point Objective). The backup media should be stored in a derive location, possibly off-site, which is not exposed to the same hazards as the former data. Backups should also be periodically restored to test systems to ensure that the process is functioning properly and within the specified time frame (Recovery Time Objective) before the need for the backup truly arises.
b. Disaster recovery Plan (Drp)
A Drp is a plan that is used to recover speedily after a disaster with a minimum of impact to the organization. Dr planning should be part of the preliminary stage of implementing It systems. Dr plans are developed in response to risk assessments and designed to mitigate those risks. Risk assessments resolve the frequency and extent of potential disasters; this will allow an organization to resolve which technologies to implement to perform an approved level of recovery. External audits can be primary to peruse deficiencies, although an organization's Drp can never be fully tested until a disaster truly occurs.
c. business Continuity Plan or business restoration Plan
The business continuity plan (Bcp), sometimes called a business restoration plan (Brp), is an primary part of a disaster recovery plan. This is a plan that details, step-by-step, how to continue or speedily resume normal business after a disaster occurs in a methodical manner. The Bcp must also recognize employees responsible for implementing the assorted plan components and these employees should receive clear instruction on their responsibilities in the event of a disaster. The plan must be revised usually to ensure that any changes to business processes are reflected in the Bcp.
I hope you obtain new knowledge about Recovery Database Network. Where you can offer used in your everyday life. And most of all, your reaction is Recovery Database Network.Read more.. Confidentiality, Integrity, Availability and What it Means to You. View Related articles associated with Recovery Database Network. I Roll below. I actually have counseled my friends to assist share the Facebook Twitter Like Tweet. Can you share Confidentiality, Integrity, Availability and What it Means to You.
No comments:
Post a Comment