A Primer on Information Security
Nowadays, the value of a business is determined by the nature of data it handles, the data its customers entrust it with.
It could be product information, launch plans, patent applications, source code, and designs, all of which are top-secret. It could also be the organization’s financial information such as its market assessment, estimated turnover, and profits. Confidential customer data such as their credit card information, credit rating, loans, and investments falls in the category of sensitive data.
The confidentiality and integrity of such data must be preserved by organizations and its availability, controlled. When it comes to sensitive data, the consequences of data breach may include but are not limited to business losses, legal liabilities, and loss of company credibility.
It is for these reasons guarding sensitive data against breach becomes critical to every organization, no matter how large or small. Organizations need to have a plan to secure critical data and mitigate security threats. Information security professionals responsible for rolling out and maintaining such plans in organizations usually refer to them as security programs.
Before we go any further, let’s examine the explanation for information security – “Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take (e.g.electronic, physical).”
Studies indicate that internal breaches are usually less than 2% which can include:
- Sending information to the wrong recipient
- Poor understanding of security procedures
- Disregard of company protocols
Protecting Data
A security program in place indicates that the organization recognizes that the threat is serious and has, therefore, taken steps to mitigate the risk of losing data. A well-defined process also minimizes the risk of business loss resulting from a security incident. If you do face a security incident that has legal consequences, the written information security program can be used as evidence to show the organization was following industry best practices.
Here are some of the common measures taken to protect data from security threats:
- Encryption of devices
- Keeping of devices in secure locations
- Regular backups
- Lock-down of devices when not in use
- Role-based access rights
Maintenance of audit trails and record of data
A Career in Information Security
- System Administration
- Networking
- Development
Experience in more than one technology in areas such as database, networks, and operating systems is desirable.
About author
You might also like
Technology Innovations that Improve Quality of Life for Senior Citizens
Amidst all the challenges that senior citizens face, living independently, managing health, and maintaining social connections are perhaps their most important priorities. Nowadays, many tech companies are focused on developing
Egocentric Interaction — A Design and Modelling
Future Experiences will be Increasingly Physical-Virtual There is a growing consensus within the field of Human-Computer Interaction
Enterprise Architecture Certification
Why it is important?
0 Comments
No Comments Yet!
You can be first to comment this post!