What does “secure information” really mean? Information that is secure satisfies three main tenets, or properties, of information. If you can ensure these three tenets, you satisfy the requirements of secure information. The three tenets are as follows:
• Availability—Information is accessible by authorized users whenever they request the information.
• Integrity—Only authorized users can change information.
• Confidentiality—Only authorized users can view information.
Internal use only—Information or data shared internally by an organization. While confidential information or data may not be included, communications are not intended to leave the organization.
The User Domain is the weakest link in an IT infrastructure. Anyone responsible for computer security must understand what motivates someone to compromise an organization’s system, applications, or data. A list of the risks and threats commonly found in the User Domain and plans you can use to prevent them.
Risk, Threat, or Vulnerability
Mitigation
Lack of user awareness

Conduct security awareness training, display security awareness posters, insert reminders in banner greetings, and send e-mail reminders to employees.
User apathy toward policies
Conduct annual security awareness training, implement acceptable use policy, update staff manual and handbook, discuss during performance reviews.
Security policy violations

Place employee on probation, review AUP and employee manual, discuss during performance reviews.
User inserts CDs and USB drives with personal photos, music, and videos.
Disable internal CD drives and USB ports. Enable automatic antivirus scans for inserted media drives, files, and e-mail attachments. An antivirus scanning system examines all new files on your computer’s hard drive for viruses. Set up antivirus scanning for e-mails with attachments.
User downloads photos, music, and videos.

Enable content filtering and antivirus scanning for e-mail attachments. Content-filtering network devices are configured to permit or deny specific domain names in accordance with AUP definition.
User destruction of systems, applications, or data
Restrict access for users to only those systems, applications, and data needed to perform their job. Minimize write/delete permissions to the data owner only.
Disgruntled employee attacks the organization or commits sabotage.
Track and monitor abnormal employee behavior, erratic job performance, and use of IT infrastructure during off-hours. Begin IT access control lockout procedures based on AUP monitoring and compliance.
Employee romance gone bad
Track and monitor abnormal employee behavior and use of IT infrastructure during off-hours. Begin IT access control lockout procedures based on AUP monitoring and compliance.
Employee blackmail or extortion

Track and monitor abnormal employee behavior and use of IT infrastructure during off-hours. Enable intrusion detection system/intrusion prevention system (IDS/IPS) monitoring for sensitive employee positions and access. IDS/IPS security appliances examine the IP data streams for inbound and outbound traffic. Alarms and alerts programmed within an IDS/IPS help identify abnormal traffic and can block IP traffic as per policy definition.

Workstation Domain
The Workstation Domain is where most users connect to the IT infrastructure. A workstation can be a desktop computer, laptop computer, or any other device that connects to your network. Other devices might include a personal data assistant (PDA), a smartphone, or a special-purpose terminal. You can find more details about mobile devices in the “Remote Access Domain” section.
The Workstation Domain requires tight security and access controls. This is where users first access systems, applications, and data. The Workstation Domain requires a logon ID and password for access. A list of the risks, threats, and vulnerabilities commonly found in the Workstation Domain, along with ways to protect against them.
Risk, Threat, or