Chapter Summary

The three keys to implementing computer and network security are data integrity, data availability, and data confidentiality. Data integrity refers to the assurance that your information has not been altered. Data confidentiality is the protection of information from unauthorized users. Data availability is the ability to access information when you need it.

Hacker attacks can come from anywhere at any time. The Internet includes millions of networked machines, all of which are vulnerable to attack.

The basic elements of security include a security policy, authentication, access control, encryption, auditing, and security administration. These elements work together to provide a complete security infrastructure.

Encryption is the best way to protect sensitive or confidential information and achieve data security. You can encrypt data on your hard drive or encrypt information before sending it over a network.

Risk assessment is an analysis that determines possible vulnerabilities against a system, the probability that security will be violated, and the cost of damages if the system is compromised.