Legal protection of information.
In any legal directory, law is traditionallyis defined as a system of formally accepted and generally binding norms that regulate the behavior of people in a given society with certain moral principles, the fulfillment of which ensures the necessary authority of the state. The legal basis for the protection of information is regulated by such state and regulatory acts as the Constitution and laws of the Russian Federation, as well as administrative, civil and criminal law.
On the norms of information law is basedorganizational protection of information of an enterprise. Compliance with such can be traced through the creation of a specialized document on the legitimacy of the application of data protection, on the duties of personnel to strictly follow protective measures, as well as on personal responsibility for failure to comply with specified measures.
The legal document contains the following norms:
- Presence of obligations and provisions for the protection of information in all organizational documents - in job descriptions, in employment contracts and in internal regulations.
- Informing all employees and compulsorybringing to their attention provisions on responsibility for the dissemination and disclosure of classified data, for falsifying documents and their unauthorized destruction.
Legal protection of information obliges any enterprise to persons who start work, to explain all provisions on restrictions related to their duties in the sphere in question.
Legal protection of information implies the following regulatory rules:
- On any functioning object, the confidentiality regime must be established without fail.
- Access to the data must be delineated.
- Legal protection of information must have material security.
- Confidential data should be clearly identified as the main object of protection.
Each specific enterprise independently develops legal and regulatory documents that ensure its information security. These include the following:
- Regulations on commercial secrets.
- Regulation on the protection of personal data.
- Information Security Policy.
- Instruction on the procedure for admission to information that constitutes confidential information.
- Obligations of employees to preserve confidential data.
- Memos to the working people about the preservation of trade secrets.
- Regulations on information document circulation and records management.
The above acts prevent incidents of improper disclosure of classified information.
Data protection. Ways
Legal protection of information is carried out with the help ofvarious techniques and tools that provide confidentiality, accessibility and completeness of information, as well as countering external and internal threats. Each type of threat has at its disposal certain tricks that the system must be able to recognize.
Information security is provided by a system of measures that are addressed:
- To prevent threats, that is, the use of preventive measures to ensure information security.
- To neutralize the threats that are detectedwith systematic control and analysis, the possibility of the emergence of a potential or real danger, to take timely measures to prevent it.
- Delineation of threats to real and potential, having a criminal orientation.
- Take appropriate measures to eliminate the danger or criminal actions.
- Elimination of illegal actions and consequences of threats, as well as the return of the status quo.