The internet is practically overflowing with confidential information – just think of all those bank accounts, medical records, and customer databases! When we hand over these details, we like to think we're doing it safely – and that's where information security comes into the picture.
Businesses, hospitals, governments and more; they all handle a lot of sensitive information and therefore use information security strategies to keep it secure. Information security prevents unauthorized access to an organization's data, and deters any unwanted modification, disruption, or misuse. Information has never been more valuable, or sought after, and so it's never been more important to understand exactly how it stays safe. In this blog, we'll take a closer look at the tenets of information security, as well as some commonplace threats.
What is information security?
Information security is a set of strategies used to keep data secure – regardless of whether it's in transit (across the internet, a private network or physical containers) or resting in storage. You'll often see information security referred to as "InfoSec" or "data security", but it means the same thing!
The main concern of any information security strategy is to prevent unauthorized access to confidential information, as well as prevent (or reduce the risk of) subsequent misuse, modification, disclosure – and even deletion.
Information security processes typically have three key objectives – and these are known as the CIA triad.
⛓Confidentiality
Confidential data can only be accessed by folks who have the proper authorization. This means that sensitive information will not be disclosed to any unauthorized party. An organization can ensure that its data is confidential by keeping tabs on who's accessing it, as well as blocking unauthorized access attempts. Restrictions are essential to maintaining confidentiality, and you'll often see passwords, authentication measures, AES encryption and encryption keys used to secure data from prying eyes.
đź”’Integrity
If data cannot be modified without authorization, it has integrity. Essentially, this means the data should read back identically to how it was first written. Again, restrictions are an important part of maintaining integrity, and editing and modification permissions, as well as consistent backup and checksums, should be implemented, so that no unauthorized persons can adjust data.
⏰Availability
The world never sleeps, and neither does information – a customer or end-user needs 24/7 access! Of course, availability should only extend to those persons with the proper permissions. This tenet ensures that data can be accessed upon demand, in a timely manner. Availability is also the practice of preventing DDoS attacks, power outages, and curtailing service disruptions due to system upgrades and hardware failures.
Information security and cybersecurity
The terms "information security" and "cybersecurity" are often used interchangeably, which can lead to some confusion – but there's a key difference between the two.
Cybersecurity protects all things digital from internet-based threats – so, it's essentially the practice of keeping your files and documents (and raw data) safe from hackers or unauthorized snoopers. Information security, however, protects all data regardless of its form – including physical stuff. After all, plenty of organizations still keep paper records!
Threats to information security
Because information security applies to physical as well as virtual information, it can come under threat from a number of sources – including theft, natural disasters, and simple human error. However, with the shift from analogue data to paper-free operations, most security threats will be of the digital kind.
- Software attacks – malware, ransomware, trojan horses, viruses and worms; there's a whole roster of virtual nasties that have the potential to disrupt services and target information.
- Sabotage – an attack, like a DDoS, directly and deliberately violates the "availability" tenet of information security practices, and can have a devastating impact on the organization until regular service is restored.
- Insider threats – whether done on purpose or by accident, a staff member might be able to access information by abusing their access privileges. The individual may expose this data or steal it for their own ends, or accidentally leak it; the results, either way, can be devastating.
- Cryptojacking – hackers can trick users into downloading malware, or use mining scripts, to hijack system resources and mine cryptocurrency without authorization. This practise is also known as crypto mining.
- Social engineering – of course, sometimes people can have the worst intentions, and will employ phishing scams or whaling attacks to dupe users into handing over their credentials.
- Physical theft – a crook can sneak off with a company laptop or phone all too easily, and given just how much information can be stored on portable devices these days, they're prime targets!
- Intangible theft – the virtual thief can also make off with an organization's intellectual property, like trademarks, copyrights, and patents. Thieves can also pilfer an individual's details – their date of birth, address, name, and login credentials – to commit identity fraud.