One Article Review
| Source |  NoticeBored |
|---|---|
| Identifiant | 463970 |
| Date de publication | 2018-02-05 20:55:47 (vue: 2018-02-05 20:55:47) |
| Titre | NBlog February 5 - protecting information awareness module |
| Texte |  'Protecting information' is a non-specific title. Almost everything that we do is about protecting information so what does February's NoticeBored awareness module actually cover?'Protecting information' begs questions such as:What is the information that deserves or needs to be protected?What are the risks the information is protected against - the threats, vulnerabilities and impacts?How can or should the information be protected?Who is responsible for protecting it?For the answers, we drew inspiration from the fields of information risk management, intellectual property and knowledge management, as well as information security and governance. As usual, we chose to discuss all kinds or forms of information in the typical business context - not just computer data. 'Knowledge' for instance includes workers' experience and expertise, trade secrets and know-how in general. The corresponding information risks and controls are quite diverse.Information classification is one of the key controls patiently explained. The process of classifying and protecting information is more involved than it may appear. Awareness is particularly important for organizations handling government and defense information: it's all very well stamping SECRET on your manila folders, but what does that actually mean, in practice? What does it achieve? What's the point? How does it work?The materials promote a balanced and considered approach towards protecting information. Excessively strong information security reduces legitimate access to, and utility of, the information. The very value we seek to protect can be degraded by too much security. Many information/cyber security professionals would do well to consider this paradox! Protecting the availability of information sometimes means compromising on the controls for confidentiality and integrity. |
| Envoyé | Oui |
| Condensat | as about access achieve actually against all almost answers appear appetite: approach are as:what availability awareness balanced begs brief business but can chose classification classifying compromising computer confidentiality consider considered content context controls corresponding cover creative data defense degraded deserves discuss diverse does drew everything excessively experience expertise explained february fields folders forms from general get governance government handling has have how impacts important includes information information/cyber information: inspiration instance integrity intellectual involved just key kinds know knowledge legitimate like make management manila many materials may mean means module more much nblog needs non not noticebored one organizations outline paradox particularly patiently people point practice process professionals promote property protect protected protecting questions quite reduces responsible risk risks secrets security seek should something sometimes sounds specific stamping secret on strong such than threats title too touch towards trade typical usual utility value very vulnerabilities well what whetted who work workers would your |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.