Quantum Information Security

In the 1920’s a new theory was developed heavily influenced by the work of Niels Bohr and his colleagues at the Institute of Theoretical Physics in Copenhagen Denmark. This was the theory of Quantum Mechanics which is still very much with us today and provides the foundations of much of modern technological innovations including micro-chips and lasers. As physicists looked closer at the sub-atomic world of the electron they found that matter behaved chaotically. The well ordered worldview that governs the orbits of the planets and trajectories of bullets fell away to be replaced by a world where particles appeared to be in several places all at once.

One of the scientists heavily influenced by Bohr’s theories was the German physicist Werner Heisenberg. Following a meeting with Bohr in 1922, Heisenberg started work on a series of papers and concepts which culminated in 1927 when he published his famous Uncertainty Principle. This states that you can never know for certain both the position and momentum of a particle. You can measure one but not the other with any degree of certainty.

Does the uncertainty principle apply to your information? Do you know precisely who has access to that information? How that information is being safeguarded? Whether indeed it is accurate and up to date? Do those who need access to that up to date information have it accessible when they need it? In other words is the confidentiality, availability and integrity of information assets fully protected and secured?

If you cannot be certain then maybe you should look into developing and implementing an information security management system. Such a system, if properly realised, can safeguard your information assets, ensure you comply with applicable legislation and improve your organisation.

A key standard for information security is ISO 27001:2005 which is a specification for information security management systems. A good overview document which gives an introduction to information security is ISO 27000 “Information technology — Security techniques — Information security management systems — Overview and vocabulary”. These and other related standards are available from the Vigilant website including ISO 27005 Information Security Risk Management.