Information Security Concepts
The Concepts section describes the InfoSec best practices which can help any organization shore up their cyber defenses. Concepts can include anything from security awareness training, system hardening, Defense-in-Depth, and more. As an example, the concept of system hardening might include changing default passwords, renaming system accounts, applying a strong patch-management policy and procedure, and so-on. The concept would avoid system-specific details such as Linux root accounts or Windows administrator accounts. For more information on specific engineering best practices see the Security Engineering section of our InfoSec website.
All InfoSec best practices have a common goal - protecting the confidentiality, integrity, and availability of non-public, mission critical data and processing services. We protect against disclosure, destruction and alteration from cyber criminals, human error, natural or man-made disasters, and more. Applying best practice concepts such as Business Continuity Planning (BCP), Disaster Recovery (DR) planning, off-site DR centers, Business Impact Analysis (BIA), and myriad more, we can ensure institutional resilience and stability in times of strife.
Click on the left Concepts arrow to open a menu displaying a selection of InfoSec best-practices concepts to learn more!