Community hub
Recent from talks
Contribute something to knowledge base
Content stats: 0 posts, 0 articles, 0 media, 0 notes
Members stats: 0 subscribers, 0 contributors, 0 moderators, 0 supporters
Subscribers
Supporters
Contributors
Moderators
Information assurance
Information assurance (IA) is the practice of assuring information and managing risks related to the use, processing, storage, and transmission of information. Information assurance includes protection of the integrity, availability, authenticity, non-repudiation and confidentiality of user data. IA encompasses both digital protections and physical techniques. These methods apply to data in transit, both physical and electronic forms, as well as data at rest. IA is best thought of as a superset of information security (i.e. umbrella term), and as the business outcome of information risk management.
Information assurance (IA) is the process of processing, storing, and transmitting the right information to the right people at the right time. IA relates to the business level and strategic risk management of information and related systems, rather than the creation and application of security controls. IA is used to benefit business through the use of information risk management, trust management, resilience, appropriate architecture, system safety, and security, which increases the utility of information to only their authorized users.
Besides defending against malicious hackers and code (e.g., viruses), IA practitioners consider corporate governance issues such as privacy, regulatory and standards compliance, auditing, business continuity, and disaster recovery as they relate to information systems. Further, IA is an interdisciplinary field requiring expertise in business, accounting, user experience, fraud examination, forensic science, management science, systems engineering, security engineering, and criminology, in addition to computer science.
With the growth of telecommunication networks also comes the dependency on networks, which makes communities increasing vulnerable to cyber attacks that could interrupt, degrade or destroy vital services. Starting from the 1950s the role and use of information assurance has grown and evolved. These feedback loop practices were employed while developing WWMCCS military decision support systems.
In the beginning information assurance involved just the backing up of data. However once the volume of information increased, the act of information assurance began to become automated, reducing the use of operator intervention, allowing for the creation of instant backups. The last main development of information assurance is implementing distributed systems for the processing and storage of data through techniques like SANs and NAS plus using cloud computing.
These three main developments of information assurance parallel the three generations of information technologies, the first used to prevent intrusions, the 2nd to detect intrusion and the 3rd for survivability. Information assurance is a collaborative effort of all sectors of life to allow a free and equal exchange of ideas.[citation needed]
Information assurance is built between five pillars: availability, integrity, authentication, confidentiality and nonrepudiation. These pillars are taken into account to protect systems while still allowing them to efficiently provide services; However, these pillars do not act independently from one another, rather they interfere with the goal of the other pillars. These pillars of information assurance have slowly changed to become referred to as the pillars of Cyber Security. As an administrator it is important to emphasize the pillars that you want in order to achieve your desired result for their information system, balancing the aspects of service, and privacy.
Authentication refers to the verification of the validity of a transmission, originator, or process within an information system. Authentication provides the recipient confidence in the data senders validity as well as the validity of their message. There exists many ways to bolster authentication, mainly breaking down into three main ways, personally identifiable information such as a person's name, address telephone number, access to a key token, or known information, like passwords.
Information assurance
Information assurance (IA) is the practice of assuring information and managing risks related to the use, processing, storage, and transmission of information. Information assurance includes protection of the integrity, availability, authenticity, non-repudiation and confidentiality of user data. IA encompasses both digital protections and physical techniques. These methods apply to data in transit, both physical and electronic forms, as well as data at rest. IA is best thought of as a superset of information security (i.e. umbrella term), and as the business outcome of information risk management.
Information assurance (IA) is the process of processing, storing, and transmitting the right information to the right people at the right time. IA relates to the business level and strategic risk management of information and related systems, rather than the creation and application of security controls. IA is used to benefit business through the use of information risk management, trust management, resilience, appropriate architecture, system safety, and security, which increases the utility of information to only their authorized users.
Besides defending against malicious hackers and code (e.g., viruses), IA practitioners consider corporate governance issues such as privacy, regulatory and standards compliance, auditing, business continuity, and disaster recovery as they relate to information systems. Further, IA is an interdisciplinary field requiring expertise in business, accounting, user experience, fraud examination, forensic science, management science, systems engineering, security engineering, and criminology, in addition to computer science.
With the growth of telecommunication networks also comes the dependency on networks, which makes communities increasing vulnerable to cyber attacks that could interrupt, degrade or destroy vital services. Starting from the 1950s the role and use of information assurance has grown and evolved. These feedback loop practices were employed while developing WWMCCS military decision support systems.
In the beginning information assurance involved just the backing up of data. However once the volume of information increased, the act of information assurance began to become automated, reducing the use of operator intervention, allowing for the creation of instant backups. The last main development of information assurance is implementing distributed systems for the processing and storage of data through techniques like SANs and NAS plus using cloud computing.
These three main developments of information assurance parallel the three generations of information technologies, the first used to prevent intrusions, the 2nd to detect intrusion and the 3rd for survivability. Information assurance is a collaborative effort of all sectors of life to allow a free and equal exchange of ideas.[citation needed]
Information assurance is built between five pillars: availability, integrity, authentication, confidentiality and nonrepudiation. These pillars are taken into account to protect systems while still allowing them to efficiently provide services; However, these pillars do not act independently from one another, rather they interfere with the goal of the other pillars. These pillars of information assurance have slowly changed to become referred to as the pillars of Cyber Security. As an administrator it is important to emphasize the pillars that you want in order to achieve your desired result for their information system, balancing the aspects of service, and privacy.
Authentication refers to the verification of the validity of a transmission, originator, or process within an information system. Authentication provides the recipient confidence in the data senders validity as well as the validity of their message. There exists many ways to bolster authentication, mainly breaking down into three main ways, personally identifiable information such as a person's name, address telephone number, access to a key token, or known information, like passwords.