InfoSec, also known as information security, is a general term used to describe the practice of protecting information from unwanted access or manipulation. It applies especially to military, government, and corporate organizations in which losing control of sensitive information can pose grave financial or strategic risk.
Information security must protect information against external threats, as well as internal degenerative forces, such as the failure of a storage device or a network. Good InfoSec practices are, therefore, an inherent part of Information Technology.
Qualities of secure information
- Confidentiality — Only authorized users can access the information.
- Integrity — The information is complete and accurate.
- Availability — The information is available whenever authorized access is required.
In order that these qualities should be preserved, it is imperative that the following actions may be taken by authorized users only.
- Reading — Finding out what the information is, or making a copy.
- Writing — Adding to the information or modifying it.
- Disclosure — Making the information public knowledge.
- Disruption — Changing the availability of the information.
- Destruction — Removing the information.