(c) 2006 Rise Information Solutions Ltd. All Rights Reserved
No complications, just solutions
Understanding Information Risk:
Information within any organisation is an asset and by definition someone outside the business wants it. If no one wanted it, it would not be an asset.
For information to be useful to a business it must be available (to those who need it). It must be confidential, and its integrity must be guaranteed, i.e. it can be relied on.
Information risk arises from both external and internal threats to the Confidentiality, Integrity and Availability of business information.
Positive Action:
There are some simple steps that businesses of all sizes can take to reduce the likelihood and impact of future security incidents.
✓ Draw on the right expertise to understand the security threats you face and your legal responsibilities.
✓ Integrate security into normal business practice, through a clear security policy and staff education.
✓ Invest appropriately in security controls to mitigate the risks or transfer them.
✓ Check that your key security defences (such as operating system patches, disaster recovery plans, etc.) are robust and up to date.
✓ Respond to security incidents efficiently and effectively, to minimise business disruption.
Do these five things to keep your business healthy.
Understanding Information Security:
In order for an organisation to be in a position to provide effective information security, it must have a clear focus on what it is seeking to protect and its corresponding threats.
IT assets tend to be viewed in tangible terms, for example web servers, database servers and routers. IT departments take steps to protect these assets. Unfortunately, this granular view of assets fails to recognise that what really needs protection are the business processes these assets support.
Information security involves the preservation of Confidentiality, Integrity and Availability of information assets.