Need for Information Security Realized By The Govt.
Twitter
Facebook
Delicious
Digg
Stumble
Reddit
Lately, there has been quite a bit of stir around government circles regarding putting Information Security into the limelight. From PSEB’s certification assistance program for ISO27001, the international ISO standard governing information security, to the recent PTA’s efforts to introduce Information Security Guidelines for government, telco’s and end users, the need for having a secure information system is definitely getting a boost. So what is Information Security anyway?Simply put, it’s securing your information assets. Unfortunately, for many people i’ve talked to over the last one year, information security is more about putting up anti-viruses, firewalls and other expensive vendor applications in place. If only being secured was so easy.The ISO standard, ISO27001 calls for an Information Security Management System (ISMS) which would enable an organization to classify and then protect it’s information assets. It ensures that through a series of required security controls in as many as nine control objectives, an organization is in good standing to manage risks to it’s information stores.According to the ISMS standard, a control is defined as “A control is any administrative, management, technical, or legal method that is used to manage risk. Controls are safeguards or countermeasures. Controls include things like practices, policies, procedures, programs, techniques, technologies, guidelines, and organizational structures.” Once an organization has these controls in place, then it is in a better position to utilize available technological solutions to protect only the information which it deems critical, resulting in a much more cost-effective method for long term reductions in risk. I think it’s good for our government to finally step up and make our organizations realize the risks which are inherrent to their infrastructures. What are your thoughts?Â
4:58 pm
mansoor, nice post. often we neglect trivial things like writing our user/pass on a paste it note for everyone to have a sneak peak and leaving the system unattended or may be having the electric wires all cluttered up and ignite a spark resulting in a fire hazard. To me, information security is not all about coding, it is actually a secure way of life dealing with every aspect if it.
BTW, did you know about the PKNIC blunder I exposed. that shows how much importance they tend to give the security here in Pakistan.
http://touseef.com/pakistan/2008/08/11/thanks-to-pknic-i-am-the-new-owner-of-googlecompk-jangcompk-and-many-other-domains/
2:46 pm
I am a gamer, a student faced with connectivity problems, an entrepreneur who lives on gadgets and a housewife who needs to call her parents without paying tariffs on local and international calls equaling calling rates… Or I can be an all-in-one penny-saver who wants to pay the minimum and get the maximum under a service that provides a ‘one-shoe-fits-all’ service. Out of experience, I would put aside a budget of Rs.1200 for minimum 256 kpbs per connection for availing such a service. Jokes apart, its different with Wateen as I can avail the same speed for as low as Rs.500 per month and telephony tariffs of Rs.90 per month… and the limited EID offer adds icing to the cake…I can make all the international and local calls, surf and download unlimited and get 50% extra minutes on the calling card absolutely free as a Wateen family member from Dec. 8th to midnight Dec 10th. I also get cash back of Rs.500 on registration so I can dine out for chand raat…
12:42 pm
its a nice post, i think security for home user, for those who just use internet for Orkuting or hang up on facebook is not matter, but this is a giant issue in pakistan, most user’s who are connected with their local internet provider (known as cable net) don’t know, even about key loggers………and for spywears also, i talked on that topic with my cousin, who uses cable net, and then he relaized that what the hell net cable and how can administrator control his system and he switch to DSL.
Mansoor great post ……….and i think you should write something about IT Bill
10:36 am
V