Information protection policy

Information protection policy

Information protection policy is a document which provides guidelines to users on the processing, storage and transmission of sensitive information. Main goal is to ensure information is appropriately protected from modification or disclosure. It may be appropriate to have new employees sign policy as part of their initial orientation. It should define sensitivity levels of information.

Content

* Should define who can have access to sensitive information.
* Should define how sensitive information is to be stored and transmitted (encrypted, archive files, uuencoded, etc).
* Should define on which systems sensitive information can be stored.
* Should discuss what levels of sensitive information can be printed on physically insecure printers.
* Should define how sensitive information is removed from systems and storage devices.
* Should discuss any default file and directory permissions defined in system-wide configuration files.

ee also

*Network security policy
*Computer security policy
*User account policy
*Remote access policy
*Internet security
*Computer security
*Network security
*Industrial espionage
*Information security

External links

* [http://csrc.nist.gov/ National Institute for Standards and Technology]


Wikimedia Foundation. 2010.

Игры ⚽ Поможем написать реферат

Look at other dictionaries:

  • Information privacy — Information privacy, or data privacy is the relationship between collection and dissemination of data, technology, the public expectation of privacy, and the legal and political issues surrounding them. Privacy concerns exist wherever personally… …   Wikipedia

  • Information security — Components: or qualities, i.e., Confidentiality, Integrity and Availability (CIA). Information Systems are decomposed in three main portions, hardware, software and communications with the purpose to identify and apply information security… …   Wikipedia

  • protection — Level to which the capital is partially protected, below which the net asset value of a SGAM Flexible ETF may not fall in any rolling one year period. NYSE Euronext Glossary * * * protection pro‧tec‧tion [prəˈtekʆn] noun [uncountable] 1. the act …   Financial and business terms

  • Information Awareness Office — seal The Information Awareness Office (IAO) was established by the Defense Advanced Research Projects Agency (DARPA) in January 2002 to bring together several DARPA projects focused on applying surveillance and information technology to track and …   Wikipedia

  • Information privacy law — Information privacy laws cover the protection of information on private individuals from intentional or unintentional disclosure or misuse. The European Directive on Protection of Personal Data, released on July 25, 1995 was an attempt to unify… …   Wikipedia

  • Security policy — is a definition of what it means to be secure for a system, organization or other entity. For an organization, it addresses the constraints on behavior of its members as well as constraints imposed on adversaries by mechanisms such as doors,… …   Wikipedia

  • Information Rights Management — Information Rights Management(IRM) is a term that applies to a technology which protects sensitive information from unauthorised access. It is sometimes referred to as E DRM, Enterprise Digital Rights Management. This can cause confusion because… …   Wikipedia

  • Information security professionalism — is the set of knowledge that people working in Information security and similar fields (Information Assurance and Computer security) should have and eventually demonstrate through certifications from well respected organizations. It also… …   Wikipedia

  • Information ethics — is the field that investigates the ethical issues arising from the development and application of information technologies. It provides a critical framework for considering moral issues concerning informational privacy, moral agency (e.g. whether …   Wikipedia

  • Information Technology Association of America — The Information Technology Association of America (ITAA) is a leading industry trade group for information technology companies. The Association s membership contains most all of the world s major ICT firms and accounts for over 90% of ICT goods… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”