What is Information Security
Home > 
What is Information Security
< back

What is Information Security

Information is an asset to all individuals and businesses. Information Security, in general, refers to the protection of these assets in order to achieve C - I - A as the following diagram:

C-I-A

C-I-A

Confidentiality

protecting information from being disclosed to unauthorised parties.

Examples:

Personal:
When submitted to a website, your personal data should only be used or accessed exclusively by designated staff in that company for the purposes agreed. No one else should be allowed to use your data for illegal purposes, or view the data out of curiosity.
Business:
Sensitive information, such as sales figures or client data, should only be accessed by authorised persons such as senior management and the sales team, and not other operations or departments.

Integrity

protecting information from being changed by unauthorised parties.

Examples:

Personal:
When submitted to a website, your personal data should not be altered in any way during data transmission, or by the website company.
Business:
Important documents or figures should not be changed or altered by unauthorised persons without prior notice.

Availability

to the availability of information to authorised parties only when requested.

Examples:

Personal:
You should be able to access and check your personal data kept on a website at any time.
Business:
Authorised senior management personnel should be able to access sales figures when needed; or clients should be able to access any of their data kept by the company when they request it.