To understand what Information Security is all about, one needs to understand the following definition of Information Security.
“Information Security ensures the confidentiality, integrity, and availability” .
Now that the reader of this blog has understood the basic definition, time to go in details what do Confidentiality, Integrity and Availability mean.
Confidentiality: We want to make sure that we are protected with confidential and sensitive information. Confidentiality ensures that only approved entities can use and display the digital technology of our resources. It also means that no unauthorized individual should have any access to the records. In general, there are two kinds of data: data in motion when it passes through the network and data at rest as data is stored in some media (like databases, storage, cloud). We need to maintain data encryption for data in transit before transmitting this through the network. Using a different network for confidential data is another method that we can use along with encryption. We should implement encryption on the storage media drive for data at rest so that nobody can read it in the event of theft.
Integrity: We do not want our records to be available or tampered with by unauthorized people. The integrity of data means that data can be changed only by authorized persons.
Availability: On systems and records, availability applies. If the details can not be accessed by approved individuals due to a general network outage or denial-of-service (DOS) attack, so that is the issue as far as the organization is concerned. It can also result in a loss of profit or other serious consequences being reported.