Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the form the data may take.
Information security can be also defined as the set of business processes that protects information assets regardless of how the information is formatted or whether it is being processed, is in transit or is being stored.
The act of providing trust of the information, that the Confidentiality, Integrity and Availability (CIA) of the information are not violated. E.g., ensuring that data is not lost when critical issues arise.Since most information is stored on computers in our modern era, information assurance is typically dealt with by IT security specialists.. These issues include, but are not limited to: natural disasters, computer/server malfunction, physical theft, or any other instance where data has the potential of being lost.A common method of providing information assurance is to have an off-site backup of the data in case one of the mentioned issues arise.
Sometimes referred to as computer security, Information Technology security is information security applied to technology (most often some form of computer system). It is worthwhile to note that a computer does not necessarily mean a home desktop.Such devices can range from non-networked standalone devices as simple as calculators, to networked mobile computing devices such as smartphones and tablet computers. IT security specialists are responsible for keeping all of the technology within the company secure from malicious cyber attacks that often attempt to breach into critical private information or gain control of the internal systems.
Information security is not a single technology; rather it a strategy comprised of the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information. Infosec management can include everything from mantraps to encryption key management and malware detection.Processes and policies typically involve both physical and digital security measures to protect data from unauthorized access, use, replication or destruction.
Infosec programs are important for maintaining the confidentiality, integrity and availability of IT systems and business data. Many large enterprises employ a dedicated security group to implement and maintain the organization’s infosec program.
Here is a list of some infosec companies that are worth looking for :
- Outlier Security