Information Security

Information Security and Protecting Information

Information Security: The Computer Security Handbook defines security as follows: the protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information.

System resources include:

  • Hardware.
  • Software.
  • Firmware. 
  • Information/data.
  • Telecommunications.   

Whether you are in charge of many computers, or even one, there are immediate steps you can take to safeguard your company’s computer system and its contents. – Computer Security Handbook

 

The CIA triad.

Web systems are core components of any business these days, and as the number of websites increases, so does the number of hackers and attackers looking for vulnerable systems from which to steal valuable business data. The CIA triad is a security model that helps people think about the various parts of IT security:

Confidentiality:

The concept of confidentiality refers to the protection of confidential information from unauthorized disclosure. Here are some tips on protecting confidentiality:

  1. Encrypt data at rest & in transit.
  2. Use access control.
  3. User IDs and passwords.

Availability:

Availability ensures that data is accessible not only when but where it’s needed. How critical is data availability? It is critical to your business and its reputation, because if consumers can’t access your website, they will likely go to a competitor’s.

Integrity:

Integrity means protecting data from unauthorized modification during retrieval, in transit, or in storage.

It prevents data from being corrupted, tampered with, or altered, maintaining its consistency, accuracy, and trustworthiness over its entire life cycle.
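One common way to detect unauthorized modification of stored or transmitted data is a keyed hash (HMAC-SHA256) attached to each record. The following is an added example, not part of the original page; the key handling, record fields, and function names are constructed for illustration.

```python
import hashlib
import hmac
import json
import secrets

# Constructed key for the example; in practice it comes from a secrets manager.
KEY = secrets.token_bytes(32)


def _canonical(record_id: str, record: dict) -> bytes:
    # Bind the tag to the record's identity and a stable serialization so
    # that a valid tag cannot be moved onto a different record.
    return json.dumps({"id": record_id, "data": record},
                      sort_keys=True, separators=(",", ":")).encode()


def seal(record_id: str, record: dict, key: bytes = KEY) -> dict:
    """Return the stored/transmitted form: the record plus its HMAC tag."""
    tag = hmac.new(key, _canonical(record_id, record), hashlib.sha256).hexdigest()
    return {"id": record_id, "data": record, "tag": tag}


def verify(envelope: dict, key: bytes = KEY) -> bool:
    """True only if the record is exactly what was sealed under this key."""
    try:
        expected = hmac.new(key, _canonical(envelope["id"], envelope["data"]),
                            hashlib.sha256).hexdigest()
        # Constant-time comparison avoids leaking how much of the tag matched.
        return hmac.compare_digest(expected, envelope["tag"])
    except (KeyError, TypeError):
        return False  # a malformed or stripped envelope counts as tampered


def demo() -> dict:
    original = seal("acct-1001", {"owner": "alice", "balance": 250})
    altered = json.loads(json.dumps(original))
    altered["data"]["balance"] = 250000          # field changed in storage
    swapped = dict(seal("acct-1002", {"owner": "bob", "balance": 5}))
    swapped["id"] = "acct-1001"                  # valid tag, wrong record
    stripped = {k: v for k, v in original.items() if k != "tag"}
    return {"original": verify(original), "altered": verify(altered),
            "swapped": verify(swapped), "stripped": verify(stripped)}


if __name__ == "__main__":
    print(demo())
```

An HMAC only detects modification by someone who does not hold the key; it does not hide the data, so it complements encryption rather than replacing it.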