General discussion


Information Protection vs Security

By robert.meriam ·
Is it security or protection
I have been in the security field now for 10+ years. The paridigm has certainly shifted from being defenders of data to protectors yet enablers of information in general. Most of what we do must be centered around the people that access the systems, in addition to the access itself. I would like to ask as a general ?, should we be info protection or info security.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

There are definetly 2 sides to this

by LordInfidel In reply to Information Protection vs ...

What was once seen as a single entity regarding security has now divided into 2 distinct areas.

1. Protecting your Network
2. Protecting your Data

While you would think that they are both the same thing, they are'nt.

Protecting your network would generally fall under "Network topology security; Firewalls, vpns, proxies, Nat etc". This is all related though to external access in.

Protecting the data is the opposite. Internal usage to the data. This part encompasses; setting security access to the data via acls, Backing up the data, disaster recovery, generally protecting the users from themselves.

In short, as the industry and user expectations have advanced. Our job responsibilties have expanded and splintered.

Just a perspective

Collapse -

Information Privacy vs Network security

by security_guy In reply to There are definetly 2 sid ...

There is definately a difference between the two. The recent enactment of the Gramm-Leach-Bliley Act (in the USA) has formally established the requirements for securing data. Amoung financial institutions this has always been a priority, it has become more important to insure the data is secure and disseminated on a need to know basis. Securing financial data from the "outside world" has always been a priority and of course ensuring the data will be available (good data backup and storage alongwith proper disaster recovery)is necessary.

To sum it up, protection and security are related but require different approaches.

Related Discussions

Related Forums