A Playing Field Without Any Boundaries
Have you ever been assigned the task of asset security in an organization? At first glance, asset security seems pretty simple, almost boring. After all, what’s the big deal tracking some laptops and mobile phones. However, once you dive into the details of what an asset is, you may quickly find yourself with the feeling that the entire earth has become overtaken by quicksand. The asset security responsibilities of an information security professional can be so vast, as to leave one feeling that they have no firm footing.
Assets are anything that imparts value to an organization. Such a broad definition would place assets everywhere, both inside and outside of any company, and depending on the type of business for which you work, assets have different categories with different priorities for protecting them. Sometimes, the value of an asset is strictly monetary, and other times, the value can be much greater.
Knowing Your Scope
An information security professional working in a small organization will often find that the job goes beyond information technology. In a small firm, protecting the computing assets will often include protecting everything associated with acquiring, using, storing, distributing, and ultimately disposing of a computer or mobile device. A smaller organization may not have any physical security guidance, and this would also be assigned as a responsibility for the information security professional. In essence, when it comes to the many hats worn by most information security professionals, almost nothing is off-limits. The “information” in information security is only part of the security scope.
For anyone studying for the Certified Information System Securi ..
Support the originator by clicking the read the rest link below.
