Information Security

Information Security


Information security, also known as InfoSec, is the practice of mitigating business disruption in relation to unauthorized access, disclosure, modification, recording, and destruction of information. It is beneficial to use information system strategies to address issues as such. By so, information security focuses on strategy with principles in regards to access control, anonymity, integrity, authorization, identification, privacy, and reliability. Validation also plays an important role in relation to system-logs, performance, and network activity, and also of integrity of files and data. Information is usually in digital or physical format, where it’s usually recommended to utilize several layers of security. An Information Security Strategy is a clear and concise plan that allows executives, management and employees to see where they are expected to go, focus their efforts in the right direction and know when they have accomplished their goals. By using mail and communication encryption might strengthen ones security. (Reference



The CIA triad is a structured risk management process. Confidentiality is about keeping sensitive information secure, and within the circles of trusted parties. Integrity is about keeping the data intact, so that information is formulated and displays correctly. Availability is about sharing information on the correct channels, in the right ways. Information security is therefore concentrated upon the balanced protection of the confidentiality, integrity and availability of data, and on the same time maintaining a efficient policy implementation, while not disrupting organizational productivity. (Reference)


Cryptography


In computer science, cryptography refers to secure information and communication techniques derived from mathematical concepts and a set of rule-based calculations called algorithms to transform messages in ways that are hard to decipher. These deterministic algorithms are used for cryptographic key generation and digital signing and verification to protect data privacy, web browsing on the internet and confidential communications such as credit card transactions and email. In cryptography, the process of encoding a file or message so that only authorized parties can access the confidential information is called encryption. It is normal to encrypt emails in order to protect the content, so that only entities that are able to read the information are the intended recipients. It is empathized to encrypt email communication as emails is often a source prone to the disclosure of information essentially emails transmitted in the clear form. (Reference)