Arts and Technology Notes #4: Data and Assets
Source: Analytics Insight
Data
Information stored, processed and transmitted by computer systems within an organization, requiring protection from information security experts. Data represents the most important and valuable asset due to its ability to help staff achieve their goals through the process of sharing information between authorized individuals within a company. Data is both physical and electronic, both requiring policies and procedures in order to manage effectively within a company.
Software
Refers to applications, operating systems, and assorted command utilities. Many experts consider software the most difficult component to provide security for due to outside threat agent’s ability to exploit vulnerabilities within software source code. Security professionals constantly look to patch software errors in order to make it more functional and accurate for use within an organization.
Hardware
Consists of the physical technology that houses and executes the software, store and transports the data, and provides interfaces for the entry and removal of information from the system. One of the main goals of security professional would be to assure the physical security of hardware throughout a company. This often includes storing hardware in a secure location, proving access to only a few authorized members within an organization.
People
The individuals responsible for adhering to policies regarding the effective use of data. Human error remains one of the most frequent security issues within companies. Policies, education and training on an ongoing basis helps people behave responsibly when using technology, reducing the risk of breaching information.
Procedures
Written instructions for accomplishing a specific task. Many companies fail to provide proper training on procedures which has a direct influence on the number of security breaches a company faces. Information security professionals help organizations create procedures and share the information with appropriate staff in order to promote the effective use of technology.
Networks
Refers to information systems connecting to each other through LANs or the internet in order to transfer information between computer systems. The physical security of networks remains an important component of a security strategy, and the network security also depends on the use of firewalls and systems in order to maintain networks on an ongoing basis.