
Security Disciplines

Introduction

This section discusses the following security disciplines for each of these objectives: Support, Prevention, and Detection and Recovery.

Detection and Recovery
  • Intrusion Detection System
  • Critical Incident Response
  • Security Auditing
  • Disaster Recovery and Business Continuity

Prevention
  • Identification and Authentication
  • Authorization and Access Control
  • Data Integrity
  • Data Classification
  • Change Management
  • Public Access, Privacy, and Confidentiality
  • Firewalls, VPNs, and Other Network Safeguards

Support
  • Governance
  • Physical Security
  • Personnel Security Screening
  • Separation of Duties

 

Section Structure

In general, each security discipline section is constructed as follows:

  • Description and Purpose—provides a summary of the discipline and the role it plays in securing information.
  • Principles—identifies the qualities that should be in place in an organization that responsibly and securely manages justice information.
  • Policies—contains guidance and, when applicable, references to sample policies in order to assist organizations in establishing good internal policies for securing information.
  • Best Practices—includes tutorials and overviews of the best ways to apply the tools, technologies, and processes within each discipline.
  • References—provides resources to assist justice organizations in designing security practices that meet well-established industry standards.

Table 2-1: Information Security Disciplines

| Information Security Disciplines | Definition and Relevance |
|---|---|
| Governance | Identifies the practices applied to establish, manage, and enforce information security policy. |
| Physical Security | Protects against compromises in security that may arise from facility and environmental vulnerabilities. |
| Personnel Security Screening | Includes the processes applied to determine if personnel warrant the level of trust required to access sensitive justice information and systems. |
| Separation of Duties | Requires the segregation of administrative, development, security, and user functions to provide security checks and balances. |
| Identification and Authentication | Ensures those wishing to gain access to information resources are who they represent themselves to be. Typical methods include passwords, smart cards, and biometrics. |
| Authorization and Access Control | Determines what permissions and access authorization an information system user holds. |
| Data Integrity | Safeguards information content and protects against inadvertent or intentional information modification or loss. |
| Data Classification | Provides guidelines to label information by its level of sensitivity and appropriate treatment. |
| Change Management | Recommends procedures so that system configurations are controlled and understood, reducing the risk of security compromise. |
| Public Access, Privacy, and Confidentiality | Outlines tools and procedures to protect the privacy of individuals and information in light of the increased accessibility offered by networked information systems. |
| Firewalls, VPNs, and Other Network Safeguards | Identifies the tools employed to establish a barrier between private and public information in a justice organization. |
| Intrusion Detection Systems | Monitors computing and communications facilities for evidence of inappropriate access or use. |
| Critical Incident Response | Determines whether or not an incident has occurred and develops methods of control to handle and minimize disruption of service. |
| Security Auditing | Examines and verifies that organizational practices meet security policies and applicable regulations. |
| Disaster Recovery and Business Continuity | Establishes and documents the procedures to follow in the event of a disaster so that operations that depend on the accuracy and availability of information can continue and be restored. |