Information centric security is not independent of conventional perimeter based security systems. Firewalls, anti-virus programs, virtual private networks etc. are still essential to maintain integrity and security of the information system. In addition to this the organization needs to make information centric methods a permanent part of the system through a strict enforcement of information centric security policies.
A key element in maintaining the security of information systems is securing common outlets for unauthorized dissemination of information such as emails, removable media and portable devices such as laptops and PDAs. Some of the policies that an organization might to be beneficial to put in place are:
– Encryption of all outgoing messages containing corporate data
– Use of WPA or better standards for wireless security
– Compulsory tagging of all information with standardized metadata.
– Compulsory use of encrypted tunnels to transfer corporate information.
– Authentication of individuals before allowing them to carry removable media such as USB memory sticks out of corporate premises.
– Use of reliable trustworthy delivery services when transferring media containing sensitive information to another location.
– Compulsory encryption of corporate data that is stored on laptops or handheld devices such as PDAs.
The organization must not depend on the users to comply with the policies by their own free will, but wherever possible, there should be automatic safeguards in place in the architecture of the system that prevent the users from breaking these rules and policies. For example the system could be setup to refuse a user’s command to copy a file marked as sensitive into removable media.
Kindly order term papers, essays, research papers, dissertations, thesis, book reports from the order page.