Implementing proper IT security policies, software, and equipment is vital to any enterprise. All enterprises have something of value that needs to be protected, regardless of the size of the company or their industry. At the very least, companies have services and infrastructure that hackers can exploit. Common exploits include using phone systems to place expensive long distance calls and using the network storage to host illegal Web sites. Governments and industry regulatory groups are aware of the importance of implementing a sound IT security system and many have put security requirements in place.
What is Security?
IT information security is the process by which enterprises protect their information, internal systems, and platforms from unauthorized use, theft, deletion, and unauthorized changes. Security is not about eliminating risks to the enterprise, it is about mitigating these risks to acceptable levels.