12 Principles

There are 12 basic article of faiths to info Security. The first tenet is that there is no such affaire as absolute security. What this meaning is that with the correct tolls, skills and time anyone stick out hack into a system. The second principle are the three security goals, which are C. I. A Confidentiality, Integrity and Availability. What this centre is that everyone must consider what data they want to be protected.It also means that one must be sure as to whom they want to access this information and when they should access this information. The third principle is when a company is protecting their data with armed guards, cameras, safes and secured passwords. This principle is c anyed Defense In Depth. The fourth principle is when stack are left alone they be to make the worst decisions. Function and Requirements is the fifth principle for information security.Function inside information what the system should be doing and the assurance requirements describe how the functions should be implemented. The following dickens questions should be asked when this principle comes into play does the system do the right thing? Does the system do the right things and in the right way. The sixth principle is that Security through Obscurity is Not an Answer. This principle simply means that if you believe that hiding information can keep back hackers from hacking into your system whencece you are misinterpreted.By misleading anyone into a sense of false security is to a greater extent(prenominal) detrimental than anything. Risk Management is the seventh principle. Its simple to understand this principle, what is the government issue of this loss and would this loss occur again. The eight principles are preventative, detective and reactive controls. Take the steps to detect the threat, prevent it and lastly respond bit the threat is occurring or after. What this means is that it will detect the threat, try to prevent the threat from happening.Complexi ty is The Enemy of Security is the ninth principle, this means that the more interfacing with programs the more difficult it becomes to protect the data. The tenth principle is that fear, uncertainty and doubt do not when trying to use scare tactics when selling products for security. No one will by products if they feel they are extremely scared. at once a days companies want to know what they are purchasing and wherefore they should be so fearful. The eleventh principle is that people, process, and technology are completely needed to adequately secure a system or facility.This means that in order for everything to work correctly we should not base all operation solely off of technology but on the people in takes to run and process the information. This process helps to ensure that everything runs smoothly. The last principle is Open disclosures of Vulnerabilities is Good for Security, which means that by letting everyone know what can be hacked into can let the companies know wh at measures need to be taken to ensure that it does not happen again. If it were closed off to the world then problems that arise would never be fixed or maintained.