Information security
This means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
Information assurance
This is the protection of data against unauthorized access. The technical measures designed to ensure the confidentiality, possession or control, integrity, authenticity, availability and utility of information and information system.
The terms information security, computer security and information assurance have similar meaning. These fields are interrelated often and share the common goals of protecting the confidentiality, integrity and availability of information; however, there are some small differences between them. Information security is concerned with the above goals and data regardless of the form the data may take: electronic, print, or other forms.
Two another main definitions we talk under information assurance and security are threat and vulnerability.
Threat
Capabilities, Intensions, and attack method of adversaries to exploit, in other words any circumstances or event with the potential to cause harm to information.
Vulnerability
A condition or weakness that can be exploited by one or more threats. A flaw that would allow authorized access to an information system by someone or something that should not be there.
Governments, military, corporations, financial institutions, hospitals, and private businesses amass a great deal of confidential information about their employees, customers, products, research, and financial status. Most of this information is now collected, processed and stored on electronic computers and transmitted across networks to other computers. Should confidential information about a business' customers or finances or new product line fall into the hands of a competitor, such a breach of security could lead to lost business, law suits or even bankruptcy of the business. Protecting confidential information is a business requirement, and in many cases also an ethical and legal requirement.
METHODS OF PROTECTING DATA OF THE INFORMATION SYSTEM
|
|
No comments:
Post a Comment