Goals and practices in maintaining information systems security

With the rapid growth of information systems and networks, security is a major concern of organizations. The main goals of information systems security are confidentially, integrity, and availability. The cornerstone of an organization's security lies in designing, developing and implementing proper information systems' security policy that balances security goals with the organization's needs. In this paper, the authors discuss the goals of information systems security and the techniques to achieve them. Specifcally, the paper focuses on access control and the various authentication approaches, as well as intrusion detection and prevention systems. As attacks become more frequent and devastating, ongoing research is required to adapt and improve security technologies and policies to refect new modes of attack to keep information systems secure.