E-Mail Address: support@nursingpaperacers.com

Whatsapp Chats: +1 (601) 227-3647

Information Security is Integrity

Information Security is Integrity

Information Security is Integrity

NOW FOR AN ORIGINAL PAPER ASSIGNMENT:Information Security is Integrity

Restricting downloads is a very common way for organizations to prevent viruses and other malicious code from entering their networks. The policy should also clearly define which activities are not acceptable and identify the consequences for violations.

The last area of information security is integrity. Employees need to have confidence that the information they are reading is true. To accomplish this, organizations need clear policies to clarify how data are actually inputted, determine who has the authorization to change such data, and track how and when data are changed. All three of these areas use authorization and authentication to enforce the corporate policies.

Access to networks can easily be grouped into areas of authorization (e.g., users can be grouped by job title). For example, anyone with the job title of “floor supervisor” might be authorized to change the hours worked by an employee, whereas an employee with the title of “patient care assistant” cannot make such changes.

Authentication of Users

Authentication  of employees is also used by organizations in their security policies. The most common ways to authenticate rely on something the user knows, something the user has, or something the user is ( Figure 12-1 ).

A © Photos.com

B

C © Gary James Calder/Shutterstock

Figure 12-1 Ways to Authenticate Users

A. An ID badge, B. Examples of weak and strong passwords, C. A finger on a biometric scanner.

Something a user knows is a  password . Most organizations today enforce a strong password policy, because free software available on the Internet can break a password from the dictionary very quickly. Strong password policies include using combinations of letters, numbers, and special characters, such as plus signs and ampersands. Some organizations are suggesting the use of passphrases to increase the strength of a password. See  Box 12-1  for an overview of best practices to create strong passwords. Policies typically include the enforcement of changing passwords every 30 or 60 days. Passwords should never be written down in an obvious place, such as a sticky note attached to the monitor or under the keyboard.

BOX 12-1 BEST PRACTICES FOR CREATING AND MANAGING PASSWORDS

DO

·