The American Heritage Dictionary defines security policies as a “plan or course of action, as of a government, political party, or business, intended to influence and determine decisions, actions, and other matters”. Information that needs to be confidentially secured as a matter of law, include federal records, medical records, student and employment records, attorney-client communications and research records and intellectual property-related records etc.

The principles of security policies consider confidentiality, integrity and availability.

Confidentiality means that the systems only allow access to authorized personnel to protect private, proprietary and other sensitive information. Using the authentication principle, policies for passwords and other authentication mechanisms such as biometrics need to be established. Continue reading “Security Policies” »