Confidentiality

The first pillar of computer security is to properly maintain data confidentiality. Confidentiality ensures that only users that are properly identified and authorized can view and edit data or execute an application.

During the past year there have been many news stories about the theft of sensitive data from compromised web server, including credit card and social security numbers. These events often cost hundreds of thousands or millions of dollars to mitigate or correct. Besides the direct cost of the cleanup, there are potential legal expenses and damage to the corporate reputation.

Common causes for such data losses include:

• Improper or inconsistent administration of servers
• Flaws in application software
• Inadequate policies and procedures
• Inadequate physical controls on laptops or backup tapes

---

Copyright © 2006, Gary Huntress All rights reserved. Terms of Use. Privacy Policy.
This web site is maintained by Gary Huntress. Last modified: 5 January, 2007.