Policy Glossary G - I
A defensive strategy to protect against attacks by removing vulnerable and unnecessary services, patching security holes, and securing access controls.
Physical devices including, but is not limited to, portable and non-portable workstations, laptops, servers, copiers, printers, faxes, and PDAs.
Information systems, data, and network resources to include automated files and databases.
Information Security Program
An organizational effort that includes, but is not limited: to security policies, standards, procedures, and guidelines plus administrative, physical, and technical controls. The effort may be implemented in either a centralized or a decentralized manner.
A combination of hardware, network and other resources that are used to support applications and/or to process, transmit and store data
Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity. [44 U.S.C., SEC. 3542]