Information security, also known as InfoSec, refers to the processes and tools designed and deployed to protect sensitive information from modification, disruption, destruction, and inspection. Information security is a crucial part of cybersecurity, but it refers exclusively to the processes designed for data security. Cybersecurity is a more general term that includes InfoSec.
Information security covers many areas and often involves implementating various types of security, including application security, infrastructure security, cryptography, incident response, vulnerability management, and disaster recovery. Organizations implement information security for a variety of reasons, but the main objectives are generally related to ensuring confidentiality, integrity, and availability of company information.
- Confidentiality—preventing unauthorized disclosure of information. The purpose of confidentiality is to keep information private and to ensure it is visible and accessible only to those individuals who own it or need it to perform their organizational functions.
- Integrity—protecting against unauthorized changes (additions, deletions, alterations, etc.) to data. The principle of integrity ensures that data is accurate and reliable and is not modified incorrectly, whether accidentally or maliciously.
- Availability—making software systems and data fully available when a user needs it.
Organizations often define an information security policy (ISP), a set of rules guiding individuals using IT assets. Companies can create ISPs to ensure employees and other users follow security protocols and procedures.
The following are security threats organizations face:
- Unsecured or poorly secured systems
- Social media attacks
- Social engineering
- A lack of encryption
- Security misconfiguration
Application security covers software vulnerabilities in web and mobile applications and application programming interfaces (APIs). These vulnerabilities may be found in the authentication or authorization of users, the integrity of code, configurations, and mature policies and procedures. Application vulnerabilities potentially create entry points for significant information security breaches.
Cloud security focuses on building and hosting secure applications in cloud environments and securely consuming third-party cloud applications.
Encrypting data in transit and data at rest ensures data confidentiality and integrity. Digital signatures are commonly used in cryptography to validate the authenticity of data.
Infrastructure security deals with the protection of internal and extranet networks, labs, data centers, servers, desktops, and mobile devices.
Incident response monitors for and investigates potentially malicious behavior. In preparation for breaches, IT staff build incident response plans for containing the threat and restoring the network.
Vulnerability management refers to scanning an environment for weak points (such as unpatched software) and prioritizing remediation based on risk.