What is Information Security?


A Simple definition of Information Security
"the practice of being protected against the unauthorized access, use, inspection, modification, disruption, disclosure of information. Especially electronic data, or the measures taken to achieve this."

The term is shortened and is commonly known as InfoSec. Confidentiality, Integrity and Availability (CIA) are the core factors in information security. These factors should be kept intact when any kind of critical issue arrive within or externally to a secured system. Information Technology (IT) security specialists associate with holding these constrains in a given information system. Though paper based business operations still prevail in the field, emergence of IT into these operations are imminent and is creating a big impact with security towards Confidentiality, Integrity and Availability of information. The role of an IT security professional is a stable job in the current working environment. As of 2013 more than 80 percent of security professionals had no change in employer or employment over a period of a year, and the number of professionals is projected to continuously grow more than 11 percent annually from 2014 to 2019.

Some might think Information Security is the same as Cyber security, but this is not the case. Information security is a form of Cyber security which refers exclusively to the processes designed for data security. Cyber Security is a general form of information security. Information security can be widely described in detail through the various aspects of security. Let us get familiar with the types of InfoSec.

Application Security Application security is a broad topic that covers software vulnerabilities in web and mobile applications and application programming interfaces (APIs). These vulnerabilities may be found in authentication or authorization of users, integrity of code and configurations, and mature policies and procedures. Application security is an important part of perimeter defense for Information Security.
Cloud Security Cloud security focuses on building and hosting secure applications in cloud environments and securely consuming third-party cloud applications. “Cloud” simply means that the application is running in a shared environment. Businesses must make sure that there is adequate isolation between different processes in these shared environments.
Cryptography Encrypting data in transit, data at rest helps ensure data confidentiality and integrity. Digital signatures are commonly used in cryptography technology to validate the authenticity of data. Cryptography and encryption has become increasingly important in current information environments. A good example of the use of cryptography is the Advanced Encryption Standard (AES). The AES is a symmetric key algorithm used to protect classified government information.
Infrastructure Security Infrastructure security deals with the protection of internal and extranet networks, labs, data centers, servers, desktops, and mobile devices.
Incident Response Incident response is the function that monitors and investigates potentially malicious behavior in informational environments.

In preparation for breaches, IT professionals should have an incident response plan for containing any threat and restoring the network.
Vulnerability Management Vulnerability management is the process of scanning an environment for weak points and prioritizing remediation based on the risk involved.

In many networks, businesses are constantly adding applications, users, infrastructure, and so on. For this reason, it is important to constantly scan the network for potential vulnerabilities. Finding a vulnerability in advance can save your businesses the catastrophic costs of a breach.

Above mentioned types of Information Security helps in maintaining the CIA triad in information systems. Under these types we can specify several measures applied on the systems. These measures can include mantraps, encryption key management, network intrusion detection systems, password policies and regulatory compliance. A security audit may be conducted to evaluate an organization's ability to maintain secure systems against a set of established criteria.

Comments

Post a Comment

Popular posts from this blog

"Positive thinking" - changing your thoughts for a better life

Image
Positive Thinking The Enhancement lecture scheduled on Wednesday was about to begin as we took our seats as usual in the Prof. V.K. Samaranayake auditorium . The guest lecturer for the day was none other than Prof. Daya Rohana Athukorala , who is a famous writer, editor, counsellor and a teacher in the country. He specializes in the field “Positive thinking” which was also the topic that was given for the day. Life has many aspects that can influence the well-being of a human. Controlling yourself within your mind is very important, to maintain a healthy life fulfilling key aspects of life such as self-belief, trust, happiness, emotional intelligence etc. This process of controlling is simply identified as “Positive thinking”. Prof. Daya Rohana Athukorala commenced the lecture and continued on using many examples from day to-day experiences which shed light to many of the issues that the youth of the 21 st century face. Positive thinking mainly focuses on emotional sta
Read more

Drug and alcohol prevention

Image
It was another Wednesday on the week’s calendar that took us to the Prof. V.K. Samaranayake Auditorium sharp at 8 for the Enhancement lecture. As always, we were eagerly waiting for the lecture to commence as Mr. S.T. Nandasara Approached the stage and introduced the guest lecturer for the day. I will start on the topic and the lecturer with a vague introduction since this topic is not alien to anyone in the present generation. The guest lecturer that came on stage was Mr. Pubudu Sumanasekara , Vice president of IOGT International and Executive Director of the Alcohol and Drug Information Center, better known as ADIC, in Sri Lanka. He was the perfect candidate to speak about the topic allocated for the day. Alcohol consumption increases as a whole around the world, and this has become a big problem in many countries, especially in Sri Lanka. There are many questions that revolve around this matter, and it has been many researchers’ main focuses to research on the usage of alcohol
Read more