9-5
Security
9-5-1 Information assets and
information security
Corporations and other organizations handle a wide variety of information
such as personal information and confidential information, and also share
information using computers. “Information” of this type is an important
“asset,” regardless of whether it is from the perspective of a corporation,
organization, or educational institution. These information assets must be
strictly managed.
1
Information assets
“Information assets” refers to assets whose value should be protected
such as data, software, computers, and network equipment. The adoption
of computers and spread of the Internet has rapidly increased the use of information by corporations and other organizations.
When a corporation has customer information that only it should use and
the information is leaked to the outside, it can hurt the competitiveness of
the corporation and ultimately threaten its very existence.
In addition, personal information such as customer information must be
protected from the standpoint of privacy, while leakage of such information is certain to damage the credibility of the organization.
For these reason, organizations must treat “information” as “assets.”
Information assets can be broadly categorized into “tangible assets” and
“intangible assets.”
Examples of tangible assets
• Data printed on paper
• Hardware such as servers and computers
• Network equipment
Examples of intangible assets
• Data such as customer information, personal information, sales information, and information concerning intellectual property
• Software such as operating systems and applications
• Knowledge and experience of people
279