The legal environment is the foundation of Information Security Systems, without policies, regulations, and laws these systems would not be safe to use. The policies, regulations, and laws are put in place to just not protect the corporations, organizations, and governments using them but also the employees. If the employees are not safe how could these companies and government agencies be safe? These policies, regulations, and laws ensure the protection of the employees, the companies, and the government agencies through confidentiality, integrity, and availability of information.
Laws: “Historically, the United States has been a leader in the development and implementation of information security legislation to prevent misuse and exploitation
…show more content…
“Accesses information without authorization to obtain information related to national defense, foreign relations or other restricted data. Access a computer without authorization and obtains information contained in financial records or from a financial institution. Accesses a U.S. department agency computer without authorization. Accesses a federal computer without authorization and with the intention to defraud” …show more content…
Basically states what the user of that computer system is allowed to do or not to do on that computer. For example: what websites are allowed to be viewed or what can or cannot be downloaded onto the computer. Personal Identifiable Information (PII): This policy is again used by both government agencies and organizations, the policy can differ between departments and organizations. Roughly is speaking about keeping ones information safe, such as Social Security numbers, or credit card numbers, or password, and ID cards. Not just keeping them saved to computers or in documents, but also to keep them physically not viewable, do not keep passwords out on one’s desk or leave your workstation with your ID card in the computer.
Government policies can differ between agency and department and classification. In order to protect confidentiality, integrity, and availability of information government agencies place classification levels on information systems. Then policies dictate what can or cannot happen on these different classified