During the first day of class we started discussing about availabity, confidentiality and integrity as key elements of information security. Ken told us that these were three essential concepts that are going to be heavily discussed during the whole semester.

The Cambridge Dictionary defines security as "the protection of a person, building, organization, or country agaisnt threats". Another definition by the same dictionary is "the fact that something is not likely to fail or be lost". A third definition is "the group of people responsible for protecting a building". I bring the comment of this definitions because they can make us aware of three different things: there is a need to protect against threats, you need to assure that a system won't fail and that in security and there is people making sure that everything works as it should and that no potentital threats come close to the stuff they protect.

Availibality, integrity and confidentiality clearly relate to the definitions described above.

Availability refers to the fact that systems must be up and running. This is implemented on systems by having the capacity and performance tools to protect against threats and recover information in case of failure. These requires infraestructure and technicians that are able to protect in case of threats and to offer fast response when an attack or a fail occurs. Availibality relates to the definion that says "the protection of a person, building, organization, or country agaisnt threats".

Integrity means assuring the accuracy of data, one example for integrity is that messages can't be modified without detection. For this, the systems should be protected in a way that attackers can't compromise data integrity, also, the system should be protected against user mistakes and have privileges on the access of systems. You can assure integrity with data access Continue reading "ACI: My perspective." →

The System Administrators' Code of Ethics by The Advanced Computing Systems Association to describe their commitment to the highest standards of ethical and professional conduct and agree to guided by the code of ethics and encourage every System Administrator to do the same.

At class I was discussing with Sercan Asker about how we can relate the System Administrator's code of ethics to the situations that happen everyday around os on campus. 

In this post we explain how we relate every principle to the situations that happen at Tecnológico de Monterrey in Guadalajara. 

Professionalism

"I will maintain professional conduct in the workplace and will not allow personal feelings or beliefs to cause me to treat people unfairly or unprofessionally."

With professionalism, we thought directly to the workers at the campus. They always make ther job that they make the campus look well maintained. They always do their job well and never hinder student.

Personal Integrity

I will be honest in my professional dealings and forthcoming about my competence and the impact of my mistakes. I will seek assistance from others when required. I will avoid conflicts of interest and biases whenever possible. When my advice is sought, if I have a conflict of interest or bias, I will declare it if appropriate, and recuse myself if necessary. 

With personal integrity we thought of ordinary stops. A good student usually stops after the lecture in the library, always trying honestly to give his best. In the library the learning atmosphere is respected and if someone needs help, you always find someone who will help you.  

Privacy

I will access private information on computer systems only when it is necessary in the course of my technical duties. I will maintain and protect the confidentiality of any

Continue reading "System Administrator’s Code of Ethics and its Relation to our Life at School." →