Abstract: Information security is no longer
an afterthought in the development of technical solutions to business problems.
It has now become the top concern of senior management and technologists alike
in the development and operation of those technology solutions. That is because
those solutions now represent an integral part of the business process, enabling
enterprises to operate more efficiently, effectively, and profitably.
Information security solutions are no longer built around a specific technology.
The enterprises implementing the solutions are not the only one who
understand the value. Their advisories also do and they recognise the value of
compromising the business solutions for their own gains. The challenge in
information security is that the adversory only has to be the correct one but
the protector has to be right all the time.
The new focus is an information-centric
model. This model strives to ensure that the three pillars of information
security are met: confidentiality, integrity, and accessibility of the
information being protected. In this model the information is analyzed and
assessed for its value to the organization. Once that is understood, information
is given an appropriate level of protection based on its assessed value. That
protection will include process, procedure, and policy elements and will use
technology elements as a tool to enforce them.
For further read,
download the document
Source: F5 Networks