Availability,
Storage and Policy are one of the characteristic of each
dimension.
Availability: Availability of information occurs when users
have access to it in usable format without interference or obstruction. Availability does not imply that the
information is accessible to any user, it means the information is accessible
to authorized users.
Storage: Storage is another important characteristic for
information security. Security strategy should assess that enough storage is
available of take the consideration of unexpected failures and keeping the
information in secured place where the information can be restored when it is
required.
Policy: Policy is critical for implement information
protection, it provides guidelines, what actions need to be taken and when it
should happen. Policy sets the rules that defines the acceptable behavior.
Policy defines the set of rules about what information needs
to be available and who should have access to it, Policy provides the
guidelines for IT infrastructure team what measures have be taken for storage
and accessibility for storage to make it available for all the users.
Integrity,
Storage and Policy
Integrity is the quality or state of being whole, complete
and uncorrupted. The integrity of information is threatened when it is exposed to
corruption. When it is exposed to corruption, damage, destruction or other
disruption of its authentic state. Corruption can occur while information is
being entered, stored or transmitted.
Integrity, storage and Policy cell identifies what measures
have been considered in policy and storage to support the data integrity.
Better policy defines the measures to data integrity.
Storage,
Processing and Transmission
Processing of the data is one of the major security major
that need to be considered. As mentioned in Integrity, data can be corrupted in
any stage of entered, stored or transmitted.
Storage, Processing and Transmission cell defines the where
the data has been stored and security measures for the storage devices, how the
data is being processed and what security measures need to be taken in
processing and transmission, such data encryption and data parsing.
Reference: Management
of Information Security, by Michael E Whitman and Herbert J Mattord
No comments:
Post a Comment