Information security structure for database processer

As a result of increasing interconnectivity, information systems and networks are exposed to a growing number and wider variety of threats and vulnerabilities. Consequently, secured communications are needed in order for both companies and customers to benefit from the advancements that the Internet is bringing to us. This paper is focus on how can database processer implement a proper information security service. After exam the law, requirements, the current IS situation and the conflicts existing between customers and database processers, the author points out a structure which concerns with both inside and outside of the organization. The structure is come up with 4 areas where special efforts should be made to: perform a process-oriented information security management; build Information security policy; launch and develop self-discipline; promote a culture of security. Standards can be used within the structure based on the stage/situation of the organization. By following the structure, the database processer can perform a comprehensive, balanced and reasonable solution to the IS issues.