The need for protection of information, one of the most valuable assets in the modern society, has increased dramatically in the last decade. ‘However, hand by hand with any technological and economic advancement new fraud and crime committing methods appear, targeting at our valuable information assets. Cryptography is one of the key technologies for ensuring confidentiality, integrity and availability of information, however it is being also used in order to cover criminal activities and evade wiretapping by Law Enforcement Authorities. The use of cryptography as a means of protection of privacy has created the need for establishing a Legal as well as technological framework in order to perform Lawful Interception (LI). Lawful interception (LI) is the legally sanctioned official access to private communications, such as telephone calls or e-mail messages. The usage of Lawful Interception has been and still is one of the most controversial issues of modern society.
This Information Security Guide is meant for all users in the organization. The Guide summarizes the most central basic issues of information security and gives practical advice for the implementation of information security in one’s own work. If you need more information you should first check the organization’s IS Policy manual.
Over the past few years there has been a rapid development of Global IT infrastructures, which has fundamentally shifted the way information is managed today. In this dynamic environment new dependencies and new risks are born. Information is a valuable business asset and organizations must make sure that information remains available and trustworthy yet protected from intrusion. Today, organizations need to realize that in order to protect their information assets in an effective and efficient way they must understand what are the risks associated with the use of their information systems. In this context, a risk assessment methodology represents a valuable tool which can be used by modern organizations to assist them firstly to identify and rate the risks associated with the use of their information systems and secondly to take the appropriate measures to protect their information systems. The purpose of this paper is to address the issue of risks with respect to information security.