CIA
[Figure: CIA triad diagram labelled Confidentiality, Integrity, Availability and Information Security]
• Confidentiality: keeping secret information secret
• Integrity: protecting information from being changed or damaged
• Availability: ensuring information is available when needed
Best Practices
Best practices are methodologies generally recognized as achieving strong security within an organization. To get a
better understanding of security best practices, start by studying these security frameworks:
• CIS CSC
https://www.cisecurity.org/critical-controls.cfm
• NIST SP 800-53
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf
• PCI DSS
https://www.pcisecuritystandards.org/document_library?category=pcidss&document=pci_dss
• ISO/IEC 27001/27002
http://www.iso.org/iso/catalogue_detail?csnumber=54534
http://www.iso.org/iso/catalogue_detail?csnumber=54533
Defense in Depth
Defense in depth means having many lines of defense to protect against a single form of attack.