Databox IA Ltd provides Information Assurance consultancy (CESG Certified Professional (CCP)) to help companies protect critical systems and information.
We can also provide:
1. Information Security Awareness and Training
2. Risk assessments – (see IT Risk Assessments for more information)
3. Information security policies
What is Information Assurance
Essentially, Information Assurance is protecting information systems through maintaining these five qualities of the system. Confidential, Integrity, Availability, Authentication and Nonrepudiation
Integrity involves making sure that an information system remains unscathed and that no one has tampered with it. IA takes steps to maintain integrity, such as having anti-virus software in place so that data will not be altered or destroyed, and having policies in place so that users know how to properly utilize their systems to minimize malicious code from entering them.
Availability is the facet of IA where information must be available for use by those that are allowed to access it. Protecting the availability can involve protecting against malicious code, hackers and any other threat that could block access to the information system.
Authentication involves ensuring that users are who they say they are. Methods used for authentication are user names, passwords, biometrics, tokens and other devices. Authentication is also used in other ways — not just for identifying users, but also for identifying devices and data messages.
IA involves keeping information Confidential. This means that only those authorized to view information are allowed access to it. Information needs to be kept confidential. This is commonly found, for example, in the military, where information is classified or only people with certain clearance levels are allowed access to highly confidential information.
The final pillar is Nonrepudiation. This means that someone cannot deny having completed an action because there will be proof that they did it.