An effective information security program involves all Work Force Members of the organization. More than technology – it requires each of us to be aware of the risks involved when accessing, using, modifying, and disclosing information.
Information Security – protecting the confidentiality, integrity and availability of information regardless of the form of data (electronic, paper base, conversation, and/or other forms); protecting information from unauthorized access, use, and / or disclosure. One thinking that “control” is the central purpose of information security is a common misconception. Actually, it’s better thought of as just having knowledge; which translates to an organization knowing about its informational-assets. Thus, not attempting to stop business operations, but obtaining the understanding of where and how information is necessarily shared and then assisting with administrative, technical, and physical safeguards in order to reduce risk for the best balance of operations while protecting information from unintended disclosure.
We envision this as an active source for assistance with information security related principles, technologies, policies, guidelines and standards.