Information Security does not refer to a single tool. It is rather, a set of process and strategy and a constant practice in order to deal with the consistently rising security concerns.
Information Security is a practice of preventing unauthorized access, storage, modification, identification, inspection or destruction of data.
It should be noted that in the field of information security, data is not just limited to digital information stored on a system. It also refers to data stored on external devices such as flash drives among other storage media. It also refers to the equipment’s which are used to store or transmit the data.
The data can also refer to a room, floor or an entire building or company premises. It means that any unauthorized data should be prevented from entering or leaving the company. The data may be held by an individual or on a device or an individual holding the device.
Owing to the rise of cyber attacks, businesses are known to take stringent security measures. The penalties or fine for individuals found to be responsible are also very severe and they can also face imprisonment.
The key concepts involved with Information Security are:
It is the set of rules that imposes restrictions on individuals and limitations on accessing certain information.
Integrity ensures that sufficient measures are taken to ensure that only authorized individuals are allowed to access the data.
Availability ensures that throughout the life cycle of the data, it is available at all times and at the required level of performance.