|Abstract: ||由於網際網路的日益普及化，大幅的降低了學習知識與技術的門檻，如果能夠好好的運用網路科技無遠弗屆的特性，以及善用網路上取之不盡的豐富資源，那麼網際網路的發明，對於學習新知、以及降低學習的門檻，就有很大的助益，但是「水能載舟，亦能覆舟」，如果使用不當，則後果就不堪設想，資訊安全就是其中重要的一環，因為其影響的範圍，小至個人隱私權被侵犯、公司機密資料外洩，並且傷害到整個社會的金融體系，甚至有危害國家安全之虞等，這些都是使得資訊安全的這個議題不容小歔，孫子兵法有云: 「故用兵之法，無恃其不來，恃吾有以待也﹔無恃其不攻，恃吾有所不可攻也」。就企業與組織而言，如何加強資訊安全機制，就變成現在的當務之急，如何建立堅而不摧的資訊安全堡壘，就變成當今的首要之務。|
The popularity of the Internet, greatly reducing the threshold of learning knowledge and technology .There is an old adage” Water is a boon in the desert, but the drowning man curses it.” applies to convenience from Internet. If you can properly use the benefits brought by technology, of course, it is the people's welfare. If used in the wrong place, then the consequences would be disastrous. Information security is one of the important part, because the scope of its impact, personal privacy is being violated, company confidential data leakage, damage to the financial system and society as a whole, and even endangers national security, etc. But we will have unbelievable damage if use it on the wrong direction. Information security is the sample. There is an old adage of Sun Tzu on the Art of War.”If, on the other hand, in the midst of difficulties, we are always ready to seize an advantage, we may extricate ourselves from misfortune.”. Forts to strengthen information security mechanisms, it becomes a top priority for today, how to consolidate information security, it becomes imperative now.
Information security implicates for the entire organization for sustainable development. Information security is a specialized field, the face of increasingly dangerous security challenges, organizations need to have a corresponding practice. In addition to challenging areas of expertise, there is the urgency of time. Information security both for business or organization, it is vexation important thing.
Information security outsourcing, it might be a viable approach. Technically, you can quickly make up the gap in information security within the enterprise. But yet there is the risk of confidential information leakage considerations, therefore, Information Security Company in the end is to self-built it? Or seek cooperation outsource it? If it is outsourced, then what is to outsource all of it? Outsourcing is part of it? Those parts can be outsourced, who is not part of outsourcing? These are information security in the end of this study is to measure the self or outsource important considerations.