Retrieved from https://studentshare.org/information-technology/1625049-information-security
https://studentshare.org/information-technology/1625049-information-security.
of the of the 12 December Information Security Information security is a misunderstood concept, as some organizations relate it to the technical excellence. Likewise, they often miss the concept of addressing information security holistically. Information security has three pillars i.e. Confidentiality, Integrity and Availability. Confidentiality related with any information that is personal, need to be protected and information that is uniquely identifying meaningful data. Integrity is associated with any data that loses its originality and the recipient receives amended data.
Availability simply related to non-availability of data when it is required. Examples for these three pillars are:Confidentiality: personal information, mission critical information exposedIntegrity: Original email is amended and the recipient do not knowAvailability: Email is required to fulfill a task and it is not available.For minimizing the threats to information security, a continuous cycle comprising of process, people and technology is required. Likewise, the processes will be made for effecting handling information security practices both for technical and management domain.
People need to be aware of threats associated with information security. For establishing awareness, a continuous information security awareness program is required that will aware all employees of the organization for associated risks and current threats. Furthermore, the technology part will also play a critical role as technical controls can be implemented via technology. These practices will help us achieve risk mitigation on critical assets at an acceptable level and they can be transferred, mitigated and avoided.
Read More