Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction.
It is important for us to understand that there is no such thing as a “fully secured information system”. We live in a world of vulnerability, be it information or human life.
Security risks are increasing by the day, enterprises are becoming externally focused and open. Hackers are increasingly turning fraudulent and criminal, but centralized assets are becoming distributed assets, increasing the vulnerability. New viruses are on the prowl and applications are thrown open to Internet.
Today, the enterprises live in a world where security attacks can crumble the business to its knees. This has become a part of everyday life. It is important for enterprises to take cognizance of the fact that security threats are real. They need a structured program to protect the information from external and internal threats.
These programs need to include concepts, techniques, technical and administrative measures used to protect information assets from:
- Deliberate or inadvertent unauthorized acquisition
Information resides everywhere in our organization – in printed sheets, files, computers, laptops, CD-ROMs, Blackberries, iPhones, data centers, back-up tapes stored in a remote location and all these are vulnerable to be misused. The damages can be significant if information is not managed securely.
How to secure data and information will be articulated in the next article.