ENSURING THAT INFORMATION is secure is not solely the responsibility of technicians in computer data centers. It also concerns governments, corporations, and private individuals. The digital revolution greatly changed how people communicate and do business. Because information exchanges now take place instantly, and because almost everyone shares data of some kind, you should question how all organizations use and protect data.

This text is about information security and the law. Information security seeks to protect government, corporate, and individual information and is a good business practice. Many organizations today want a reputation for properly protecting their own and their customers’ data, because a good reputation can make a company stand out from its competitors, increase sales, or make a government agency seem more trustworthy.

Laws also protect information, especially private personal information. They require that data be protected in certain ways. Laws are not optional; if a law applies to an organization, then the organization must follow the law. Laws make information security more than just a good business practice. They make it a business requirement.