Statistics Lab week 6
Use of the Internet has resulted in recognition that information technology security is of major importance to our society. This concern seems relatively new in healthcare, but information technology security is a well established domain. A large body of knowledge exists that can be applied to protect healthcare information. A general understanding of security can be obtained by understanding:
1. Security Components
2. Security Principles
3. Threats, Vulnerabilities, Control Measures and Information Assurance
4. Achieving Information Security: Administrative, Physical, Technical
Safeguards
Security is achieved by addressing its components: confidentiality, integrity, availability and accountability.
1. Confidentiality is the property that data or information is not made available or disclosed to unauthorized persons or processes.
2. Integrity is the property that data or information have not been altered or destroyed in an unauthorized manner.
3. Availability is the property that data or information is accessible and useable upon demand by an authorized person.
4. Accountability is the ability to audit the actions of all parties and processes which interact with the information and to determine if the actions are appropriate.
Numerous threats exist to computer systems and the information they contain originating from within and outside organizations. Some common threats include malicious code such as viruses, Trojan horses, or worms.
Malicious code often takes advantage of vulnerabilities in operating system software but depends, too, upon organizational weaknesses such as the failure to deploy, update or train workers in the use of antivirus software.
Malicious code may enable denial of service attacks, impersonation, information theft and other intrusions. Attacks by famous malicious code such as the Melissa or Lovebug viruses highlight the threat of “hackers”, outsiders with intent to harm
1. Security Components
2. Security Principles
3. Threats, Vulnerabilities, Control Measures and Information Assurance
4. Achieving Information Security: Administrative, Physical, Technical
Safeguards
Security is achieved by addressing its components: confidentiality, integrity, availability and accountability.
1. Confidentiality is the property that data or information is not made available or disclosed to unauthorized persons or processes.
2. Integrity is the property that data or information have not been altered or destroyed in an unauthorized manner.
3. Availability is the property that data or information is accessible and useable upon demand by an authorized person.
4. Accountability is the ability to audit the actions of all parties and processes which interact with the information and to determine if the actions are appropriate.
Numerous threats exist to computer systems and the information they contain originating from within and outside organizations. Some common threats include malicious code such as viruses, Trojan horses, or worms.
Malicious code often takes advantage of vulnerabilities in operating system software but depends, too, upon organizational weaknesses such as the failure to deploy, update or train workers in the use of antivirus software.
Malicious code may enable denial of service attacks, impersonation, information theft and other intrusions. Attacks by famous malicious code such as the Melissa or Lovebug viruses highlight the threat of “hackers”, outsiders with intent to harm