What is Computer Security

During the last several years a great deal has been written in academic and trade journals that has focused on security. There are several different terms often used, but the following—information security (InfoSec), computer security, and information assurance—are typically meant to be the same, that is, the protection of data, although information assurance is also expanded to include aspects such as personnel, plant, and equipment. While one main theme that has been written has been to improve the effectiveness and understanding of security, apply the various security concepts learned and understand the technologies developed, it is important to recognize that computer security may take on different meanings, dependent on the context that it is being discussed. Computer security is a very large field, and one that is often misunderstood. When we discuss computer security, are we discussing our personal computer at work or home? Are we discussing portable devices, such as mobile devices like Blackberries, PDAs, or laptops? Are we discussing security laws and regulations that might impact the safeguard of personal information, or could we be discussing, designing, and implementing, a risk-based security plan for an organization? It is therefore difficult to discuss computer security unless it is discussed in a frame of reference. Therefore, this paper will discuss some of the issues and concerns of computer security in different frames of reference, and the importance of teaching security with that focus in mind.