The Development of an Organizational Measures Set to Ensure Information Security and Information Protection

Information security covers many different areas: government agencies, business, banking systems, various production processes, etc. In each area it is necessary to provide a set of organizational measures aimed at ensuring information security and information protection. The problem of ensuring the protection of information has always been of great importance. In the information security Doctrine of the Russian Federation said: "the Realization of national interests in information sphere directed on formation of safe environment of the circulation of reliable information and robust to various types of impact information infrastructure in order to ensure the constitutional rights and freedoms of man and citizen, sustainable socio-economic development and national security of the Russian Federation". Any electronic information, as well as nodes and automated control systems (ACS) that process data, are vulnerable to external and internal theft and harm. This leads to the loss or disclosure of confidential information of the organization and their clients, damage to the reputation of the company and prosecution for non-compliance with established legal norms. For the most effective development of a set of organizational measures to ensure information security and information protection at any enterprise, it is necessary to create an information security system (ISS) aimed at ensuring information security of the enterprise from any unauthorized influences (accidental or intentional). The information security system (ISS) should include: legal, administrative, organizational and technical means of protection. To ensure information security, ISS should not only use the usual means of protection, such as: cryptographic protection of information, change of keys and passwords, implementation of special requirements for subscriber traffic, information sharing system, various organizational measures to strengthen the regime, etc., but also should adapt to constantly changing environmental conditions. Relevance of the topic: the organization of information security is a priority in a variety of fields. Information protection is the primary goal for the successful solution of production problems and security not only of business and various enterprises, and the most important task for the security of the country and its citizens. This requires the development of a set of organizational measures to ensure information security and information protection. The object of the research is the protection of information, as a set of actions aimed at ensuring information security from any unauthorized influences (accidental or intentional). The subject of the study is the monitoring of the current state of threats to the information environment and the possibilities of information protection. Based on the analysis of theoretical material, Russian standards and legislation of the Russian Federation, the development of a set of organizational measures to ensure information security and information protection in the diagnostic and treatment company "MobilCityMed". Research problem: with the increase in the volume of processed data, with the development of information technology, the Internet and globalization, the risks of violation of the integrity, availability and confidentiality of information increase. A significant disadvantage of modern means of information protection is that when an unauthorized action is detected that poses a security threat, most of the existing methods of information protection allow you to organize protection only after the fact of the threat. This is to ensure information security is very inefficient. Research problem: 1. To consider the theoretical material on the current state of threats to the information environment and the possibilities of information security; 2. To analyze the considered material for ensuring the most effective work of is; 3. To develop a set of administrative and organizational measures to ensure information security and information protection for the diagnostic and treatment company "MobilCityMed".