What is Information Security?

Information is an asset to all individuals and businesses. Information Security refers to the protection of these assets in order to achieve C - I - A              

C-Confidentiality: protecting information from being disclosed to unauthorized parties.

Examples:

Personal: When submitted to a website, your personal data should only be used or accessed exclusively by designated staff in that company for the purposes agreed. No one else should be allowed to use your data for illegal purposes, or view the data out of curiosity.             

Business: Sensitive information, such as sales figures or client data, should only be accessed by authorized persons such as senior management and the sales team, and not other operations or departments.

 

I-Integrity: protecting information from being changed by unauthorized parties.

Examples:

Personal: When submitted to a website, your personal data should not be altered in any way during data transmission, or by the website company.              

Business:             Important documents or figures should not be changed or altered by unauthorized persons without prior notice.

A-Availability: to the availability of information to authorized parties only when requested.

Examples:

Personal:             You should be able to access and check your personal data kept on a website at any time.           

Business:             Authorized senior management personnel should be able to access sales figures when needed; or clients should be able to access any of their data kept by the company when they request it.