Security Architecture defines common, industry-wide, open-standards-based ,assorted. technologies and applicable Industry best practices as the cornerstone elements required to enable secure and efficient transaction of business, delivery of services, and communications among its citizens, federal government, cities, counties, and local governments, as well as the private business sector. Security Architecture must enable the State and individual s to quickly respond to technology, business, and Information merits changes without compromising the security, integrity, and performance of the enterprise and its Information resources.
It describes how the system is put together to satisfy the security requirements. Agencies are working to preserve the integrity, reliability, availability, and confidentiality of important Information while maintaining their information systems. The most effective way to protect information and system to incorporate security into each domain. This approach ensures that security supports agency business operations, thus facilitating those operations, and that plans to fund and manage security are built Into life-cycle budgets for IT.
The term *information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide:
Integrity – which means guarding against improper Information modification or destruction, and Includes ensuring Information non-repudiation and authenticity.
Confidentiality – which means preserving authorized restrictions from access and disclosure, including means for protecting personal privacy and proprietary Information
Availability – which means ensuring timely and reliable access to and use of Information.
The Security Architecture Policy requires agencies to securely and economically protect transaction of the State’s business, delivery of services, and communications among citizens, businesses, political sub-divisions, and the federal government. It encourages the state and Individual agencies to incorporate technology security improvements for business requirements without compromising the security, integrity, and performance of the enterprise and Its Information resources.