InfoSecMinds has initiated this website to simplify the terms and process involved in the world of Information Security. You can find papers on implementing Information Security practices using BS ISO 27001:2005 framework. There are also some articles based on real world experiences, which will be worth reading.
To Begin
All that we need to understand about this topic is to ‘protect’ something. This is no rocket science. It is something that everyone does in their daily life either knowingly or unknowingly. The difficultly is only in relating these and taking up ownership of what you need to protect.
Let us look at a scenario
I am sure that 99.99% of the population anywhere in the world would lock the door to his/her house, if he/she is the last person to leave. A duplicate of the key to that lock will be limited to the family members residing in that home. I have just met one person in my life who did not lock his home while he left, well there are some exceptions.
We just realized that we do secure our assets in some way or the other. We have protected our home by locking it down. Similarly, Information Security is of locking down your information and giving the key to only those people who are authorized to have the access to information.
Now the question is about what sort of locking mechanism is required for these information, how do we determine what is best for what sort of information and based on what criteria do we allow access to information. You will get some of these answers by going through the articles posted here.
The primary objective of this site has been to help the community in raising the level of awareness in Information Security practices and to guide them in the process of implementing Information Security practices in their organizations.
It would be an honor to have Information Security Professionals and others to come out with their views on the topics discussed here, which would be helpful to this community.
Vinod Kumar Puthuseeri
vinod at infosecminds dot com