What are the basic elements of a security strategy?
Security strategy revolves around three primary elements: People, Technology and Operations: People Achieving Information Assurance begins with a senior-level management commitment based on a clear understanding of the perceived threat. This must be followed through with effective Information Assurance policies and procedures, assignment of roles and responsibilities, commitment of resources, training of critical personnel (e.g. users and system administrators), and personal accountability. This includes the establishment of physical security and personnel security measures to control and monitor access to facilities and critical elements of the Information Technology environment. Technology Today, a wide range of technologies is available for providing Information Assurance services and for detecting intrusions. To insure that the right technologies are procured and deployed, NASA has established effective policies and processes for technology acquisition. These include: security poli
