GIS databases, systems, and GIS organization networks are becoming increasingly connected to the Intranet. While this interconnection provides the ability to share data, it can also leave an organization's information system and GIS data vulnerable to viruses, hackers, and actual information espionage. The result can be the actual degradation of information systems, the destruction of GIS data, and the compromise of private intellectual property. This paper describes the vulnerabilities of information systems and describes available information security practices and technology to mitigate this threat. The paper will be tailored for the GIS community to reflect the unique data vulnerabilities and privacy concerns for GIS information.