Chapter 8: Security

OVERVIEW

The meaning of "security" as it relates to information systems is often diluted to include only security related to clients and servers. This narrow view can be a fatal flaw in corporate information security. One of the early definitions of security for computer networks came from the IBM Dictionary of Computing published in 1994 by McGraw-Hill, Inc.:

Information Security: the concepts, techniques, technical measures, and administrative measures used to protect information assets from deliberate or inadvertent unauthorized acquisition, damage, disclosure, manipulation, modification, loss, or use.

This chapter deals primarily with security concepts, components , and design elements. In that light, many of the concepts and discussions are beyond the scope of what a Citrix system administrator will directly control; however, that system administrator must be able to accurately represent security requirements to other staff members who are responsible for design and implementation. Today's enterprises require that all staff be cognizant of security and vigilant, and the on-demand and in-control enterprise requirements dictate that security be a forethought and not an afterthought to any IT solution. Detailed implementation of security in a national enterprise infrastructure is addressed later in Chapter 17 of this book.