Legal Issues Dealing with Information Security



Legal Issues Dealing with Information Security

Introduction

Information security refers to all those preventive and reactive measures in organizations and technological systems that allow safeguarding and protecting the information intended to maintain the confidentiality, the availability and integrity of it. The concept of information security should not be confused with that of computer security, since the latter is only responsible for security in the computer medium that may find information in different ways or forms (Stoll,2003,269-353). For an individual, information security has a significant effect on their privacy which can take different dimensions depending on the nature of security breach.

The field of information security has grown and evolved considerably since the Second World War becoming a worldwide accredited career. This field offers many specialty areas, including the audit of information systems planning, business continuity, digital forensics and administration of safety management systems (Stoll,2003,269-353). However with the rise of information technology, the legal concerns also arose to ensure the safe access and retrieval of information, therefore, this paper discusses the legal issues concerning the information security.

The paper follows the following outline

Introduction- defining the purpose of the paper

The Significant legal issues-

Confidentiality, Integrity and Availability (CIA)

Confidentiality

Integrity

Risks to Digital Identity

Prevention

Availability

Assuring Data Validity

Information Security Management System

Intrusion Detection

Policies

Future Anticipated Problems

The significant Legal Issues

Confidentiality, Integrity and Availability (CIA)

Safety is a compromise between open systems in the world and locks them up so that information could not be used illegally. Neither scheme is secure, because they violate one of the basic teachings of the Security Council. Opening the system evaluates the privacy and prevents access to the information (Dhillon, 2007). The key is to understand the model of information security CIA - confidentiality, integrity and availability.

Proper Management of Information Security seeks to establish and maintain programs, policies and controls which are designed to preserve the confidentiality, integrity and availability of information. It should be noted that security is not a milestone; it is rather a continuous process that must be managed always knowing the vulnerabilities and threats that cling to any information, and taking into account the causes of risk and the impact it can have.

The data security is a set of controls that try to maintain the confidentiality, integrity and availability of information (Allen,2001,24-69). Access controls to the system and information resources, both logical and physical, are designed to protect against unauthorized entry or access to the system. In this respect, to protect the information resources of an organization, the access control software is critical to ensure the confidentiality, integrity and availability of information resources.

Confidentiality

Prevention of unauthorized disclosure, intentional or not, the contents of a message or information in general is important. Information loss can occur in many ways, for example, through the intentional release of confidential information from an organization or through misuse of access rights in a system (Allen,2001,24-69).

Integrity

Roughly speaking, integrity is keeping information accurately as it was generated without being manipulated or altered by unauthorized people or processes. The violation of integrity occurs when an ...