Wk 11 - Security requirements and planning for the future. Flashcards
What company info is protected by a record retention system?
intellectual capital
Patents, transactional & analytical info.
What impact does implementing a record retention system have on information security in a small business?
Comply with regulation.
Provides a schedule of each records details, reason for keeping them, disposal date.
Assist in discovery in event of legal action
What is the biggest information security roadblock for organisations attempting to implement a record retention system?
Modern business requires people to access info electronically.
Most security breaches result from people misusing org info either advertently or inadvertently.
What are the responsibilities of a Board or Director?
Recognise and support the implementation of a security implementation plan.
How is information looked after?
Via written policies, guidelines, personnel procedures and organisational rules for information.
How is information retired?
archived or retired depending on it’s nature and in accordance with privacy policy, tax and corporate regulation.
What are the long term interests of the data and transactions that are collected?
Protects orgs ability to function,
data &
tech assets
What is computer security?
AUAD
The protection of assets from unauthorise:
access
use
alteration
destruction
Define physical & logical security
Physical - tangible protection devices (alarms, guards, doors)
Logical - non tangible means (policies, software)
Name the 3 primary logical security areas
APD
Authentication / authorisation (access, access defined)
Prevention & resistance (filtering, firewall)
Detection / response (anti virus)
What is a threat
Any act or object that poses a danger to computer assets.
