What is a security policy

A Security Policy identifies the rules and procedures for all individuals accessing and using assets and resources of an organization. Is a model of organization culture in which rules and procedures that follows the proper use of information and equipment, basically all involving any interaction with any kind of potential hazard to the integrity of the information.

The objectives of a security policy is the preservation of confidentiality, integrity and availability of a systems and information user by their members. The three principles are

  • confidentiality: protection against unauthorized entities
  • integrity: ensures the modification of assets is handled in a specified and authorized manner
  • availability: the state of the system hace continuous access
The security policy is a document that specifies in various sections from regulations of government to warnings of how to use the equipment you are given in your office.

We as a society need to figure out the best ways not only to have a document like this in your organizations but also in our daily basis. An example of not using properly technology can be find in most of the router homes in our country or the personal computers and cellphones, people doesn't have the proper care of all the technology that is now surrounding us.

Comments

Post a Comment

Popular posts from this blog

Ethical hacking

Image
The ACM in 1992 adopted the ACM Code of Ethics and Professional Conduct, it consist of 24 statements of personal responsibility. Some of them are: Contribute to society and human well being, Avoid harm to others, Be honest and trustworthy, Respect privacy to others, Honor confidentiality, etc. Some of them involve more professional topics like: Strive to achieve highest quality, Acquire and maintain professional competence, Know and respect existing laws, Honor contracts, agreements and assigned responsibilities, etc. To the full article you can check this website  https://www.acm.org/about-acm/acm-code-of-ethics-and-professional-conduct#sect1 . Here are some existing and really serious example of some of the statutes written in the code of ethics that this author believes is important for the reader: 1) don't spy the work of others 2) Respect the plants   3) Don't harm other ppl 4) Don't enter the girls bathroom 5) Be careful with the water, you ca
Read more

Cryptography

Image
Criptography is a method of storing and transmitting data in a particular form so that only those intended are able to read and process information. It includes techniques such as microdots, merging words with images and many more ways for handling information. Modern cryptography concerns itself with the following four objectives Confidentiality Integrity Non-repudiation Authenticationç In order to use it correctly there are procedures and protocoles that need to be meted, they refer to mathematical procedures and many different computer programs, but you must not forget that it need to include the regulation of a human behaviours in order to be complete random or non-pattern forms.
Read more

Integrity, Availability and Confidentiality

Image
Three goals: Integrity, Availability and Confidentiality I see this words as the key for a product involving IT in the 21st century, let's take a look to the definitions.  Integrity: the quality of being honest and having strong moral principles that you refuse to change. Availability: suitable or ready for use; of use or service. Confidentiality: the state of keeping or being kept secret or private.  To ensure the security of the customers, a product or service must be certain that this 3 goals are accomplished. Every time you download an app or suscribe to a webpage, you are giving your personal data, every second you spent logged into Google or Facebook you are giving your personal data to them, every word you type on Instagram or Gmail that word is saved in some server and accesible by a person. Now that you know this, this three words now look important, you want to be confident that this companies and the people they hire have integrity, you want to be confident th
Read more