In today’s exceedingly advanced computer technology coupled with the ever increasing volume of secure information being generated by organizations the world over, there lurks an inevitable danger of this information being leaked and hacked. It has become an every day routine affair when news items appear in headlines about hacking of bank accounts, leakage of confidential information from personal files. The term, “HACKING” denotes unauthorized access to the computer hardware and software, loopholes in the security system.
Principles Of Information Security
The term, “Information Security”, essentially means that highly confidential information of crucial nature to an organization’s existence and progress is protected primarily from access by unauthorized personnel, illegitimate use, disclosure, carrying out illegal alterations and ultimate destruction of the data.
Components of Information Security
The terms, Information security, information assurance and computer security are often used interchangeably and wrongly. Although, there are very delicate differences amongst them, they are interrelated and the common goal is to safeguard the Confidentiality, Integrity and Availability, well known as the CIA. These subtle variations exist in the technologies utilized, the approach to the topic and areas of application. These three form highly significant qualities of Information Systems.
These are broken up into three main components, hardware, software and communications. The main aim of these components is to achieve the objective of identifying and utilizing industry-standard information security methods for safeguarding and preventing leakage at three tiers, organizational, physical and personal levels. These processes or policies are put into effect to inform the relevant people on the methodology of using information security products to emphasize on security of information within the organization itself.
Generation of Information and Security Measures
There are large-sized organizations, both governmental and non governmental, accumulating loads of information of a highly confidential nature on their products, financial status, research, employees and customers. This information is generally processed, collected and stored on computer systems and is accessible to various departments in the organization through communication networks.
Catastrophic Effects of Breach of Information
It is difficult to imagine the catastrophic effect if the confidentiality of information falls into the hands of a competitor. It would entail loss of business, law suits and eventually bankruptcy. It is one of the fundamental requirements of business to maintain confidential information and in several cases has become a legal entity as well as it forms an integral part of business ethics.
It is imperative that internal built-in security checks are introduced in the hardware and software systems. It would help in maintaining the integrity, confidentiality and availability of information to only those personnel in the organization who are authorized to gain access to classified information. The primary job responsibility of System Administrators in an organization is to protect and safeguard the sanctity of the data of the organization through every possible means and mainly through checks in the software and communication networks installed in the organization.
A Never-ending Process
Information security is an ongoing process and it is necessary that all security checks are followed regularly to prevent misuse, illegal access and maintaining confidentiality of data. Each process needs to be reviewed periodically, training has to be imparted to personnel and documentation has to be kept ready at all times, which in turn make information security an integral part of the operations of the organization.
- Handbook of Information Security Management Author : Micki Krause and Harold F. Tipton
- Executive Guide to Information Security, The Threats, Challenges, and Solutions Authors: Mark Egan & Tim Mather
- Information Security: A Strategic Approach Author: Vincent LeVeque
- Information Security: Principles and Practice Author: Mark Stamp