What is IT Security?

Broadly speaking, IT security is about keeping electronic information private and protected from falling into the hands of those without authorization to see or use that information. To implement IT security, the Institute looks at how to meet requirements of various regulations and laws relating to information protection. To ensure compliance, policies must be implemented and adhered to.

IT security is about protecting the integrity, accessibility, and reliability of electronic information and with the behaviors and actions of computer users as they impact the privacy and safety of all members of the Internet community. IT security works with physical security to ensure protection of information, whether electronic or hardcopy.

Whose Job Involves IT Security?

Computers and the information they hold can be invaluable. Because there is a limit to their built-in protection, it is the responsibility of the individual to ensure the confidentiality, integrity and availability of this technology and information. IT security is everyone's job.

The Situation Today

IT security -- and specifically cyber or internet security -- has become one of the main concerns at businesses and organizations today. Consider these statistics:

• 112 universities reported a data breach in 2007 alone, an increase of 72.3% over 2006.
• 48% of data breaches at universities last year were due to employee behavior, including unauthorized disclosure, employee fraud, loss, and a lack of knowing where sensitive data is being stored. Theft, impersonation, and attacks are the other factors leading to exposure.
• 8.1 million U.S. residents were victims of identity theft in 2007. That represents 3.6% of adults. The total cost of identity theft in 2007 was $45 billion.
• The average cost per company suffering a data breach is more than $6.3 million per breach.

For these reasons, MIT is involved with various projects aimed to keep sensitive information at MIT safe.

Learn more about what YOU can do.