Information Assurance and Security

摘要

Information assurance contains all the elements of information security (confidentiality) but also includes elements of availability, and integrity. Information assurance provides a view of information protection that includes defensive measures in all three states ― processing, storage, and transmission. To defend information and data there are three fundamental countermeasure categories: 1. technology, 2. operations, 3. awareness, training and education. Fifteen years ago, the U.S. government identified these as the three primary countermeasures to protect Critical Information Infrastructure (CIP). It is important to remember that in an electronic era, information must be defended not only for national security but for legal reasons such as FERPA and HIPPA. In a recent article, Maconachy points out that the end user is the first line of defense.