Privacy, when used in the context of information security, relates directly to maintaining the confidentiality of information. To assure that information remains inaccessible by unauthorized users, the infrastructure owner must have a comprehensive understanding of the information assets being maintained by the organization (i.e. an inventory). The assets must be classified (i.e. “Sensitive”, “Public”, etc.). Resources must then be expended to protect the most sensitive information by securing what is needed to implement the organization’s security policies.
Its Relevance: An organization can’t provide information assurance without an understanding of what needs to be protected. Every organization must take steps to maintain confidentiality of its information assets. A loss of secrecy of the most sensitive information that a business or company possesses can threaten its very existence.
Return from "Privacy" to Words [P -R]