In INFOSEC, an environment in which protection of data and resources from accidental or malicious acts is achieved through normal operational procedures. 2. An environment that does not provide sufficient assurance that applications and equipment are protected against the loss of confidentiality, integrity, or availability.