What is Information Security (InfoSec)?

 Information security definition

Information security is a set of practices designed to keep personal data secure from unauthorized access and alteration during storing or transmitting from one place to another.

Information security is designed and implemented to protect the print, electronic and other private, sensitive and personal data from unauthorized persons. It is used to protect data from being misused, disclosure, destruction, modification, and disruption.



Information security vs. cybersecurity

Information security and cybersecurity may be used substitutable but are two different things. Cybersecurity is a practice used to provide security from online attacks, while information security is a specific discipline that falls under cybersecurity. Information security is focusing on network and App code.


Information security principle

There are some basic components of information security which are discussed below.

  • Confidentiality is one of the basic elements of information security. Data is confidential when only authorized people access it. To ensure confidentiality one needs to use all the techniques designed for security like strong password, encryption, authentication and defence against penetration attacks.
  • Integrity refers to maintaining data and preventing it from modifications either accidentally or maliciously. Techniques used for confidentiality may protect data integrity as a cybercriminal can’t change data when they can’t get access to it. To ensure integrity in-depth few tools help in improving it.
  • Availability is another basic element in information security. It is vital to make sure that your data is not accessed by unauthorized persons but only those who have permission can access it. Availability in information security means matching network and computing resources to compute data access and implement a better policy for disaster recovery purposes.



Information security policy

Information security policy is a document that an enterprise draws up, based on its specific needs and quirks. It helps to establish what data to protect and in what ways. These policies guide an organization during the decision making about procuring cybersecurity tools. It also mandates employee behaviour and responsibilities.

An organization information security policy should include

  • It should describe the purpose of the InfoSec program and objectives
  • It must define the key terms used in the document to ensure shared understanding
  • It must contain password policy
  • It should determine who has access to what data
  • It must include the employee’s roles and responsibilities to safeguard data.
Location: Mumbai, Maharashtra, India

Comments

Post a Comment

Popular posts from this blog

What is Site Isolation in Web Brower's? How it Works.

Image
   What is Site Isolation in Web  Brower's ? Site Isolation is a security feature that offers additional protection against some types of security bugs.  It makes it harder for untrustworthy websites to access or steal information from your accounts on other websites.   Websites typically cannot access each other's data inside the browser, thanks to code that enforces the Same Origin Policy.  Occasionally, security bugs are found in this code and malicious websites may try to bypass these rules to attack other websites.    Site Isolation offers a second line of defence to make such attacks less likely to succeed.  It ensures that pages from different websites are always put into different processes, each running in a sandbox that limits what the process is allowed to do.  It also makes it possible to block the process from receiving certain types of sensitive data from other sites.  As a result, a malicious website will find it much more difficult to steal data from other sites
Read more

What Is System Attacks ? Types OF System Based Attacks

Image
System Based Attack It is a type of malicious software program that spread throughout the computer files without the knowledge of a user. It is a self-replicating malicious computer program that replicates by inserting copies of itself into other computer programs when executed. Type OF System Based Attacks -  1. Virus It is a type of malicious software program that spread throughout the computer files without the knowledge of a user. It is a self-replicating malicious computer program that replicates by inserting copies of itself into other computer programs when executed. It can also execute instructions that cause harm to the system. Type OF Virus RESIDENT VIRUS :   Resident viruses set up shop in your RAM and meddle with your system operations. They’re so sneaky that they can even attach themselves to your anti-virus software files. MULTIPARTITE VIRUS : This virus infects the entire system. Multipartite viruses spread by performing unauthorized actions on your operating system, fol
Read more