In today’s high technology environment, organizations are becoming more and more dependent on their information systems. The public is increasingly concerned about the proper use of information, particularly personal data. The threats to information systems from criminals and terrorists are increasing. Many organizations identify information as an area of their operation that needs to be protected as part of their system of internal control.
So, when planning for your system, integration or upgrade you will be wrong to not apply information security practices that fit to your system.
This is why a company needs to fully assess their Infrastructure and apply a security policy , if it has not one already in place.
Dont be like these guys: