Information Security, also known as InfoSec, is all about securing information from unauthorised access. This is done through tools and processes deployed to protect sensitive business information from modification, disruption, destruction and inspection.
This information can be anything from the data stored on your personal laptops and mobiles to anything stored on your social media platforms.
There are three pillars of Information Security, which are commonly known as:
C – Confidentiality
It means information is not disclosed to unauthorised individuals, entities and processes. For example, suppose I have a password for my Facebook account, and someone sees me entering it through shoulder-surfing while I am trying to log in to my account. In such a scenario my password has been compromised and confidentiality has been breached.
I – Integrity
It means maintaining the accuracy and completeness of data. This means data cannot be edited in an unauthorised way.
For example, if a person has been diagnosed with an untreated disease and dies from it, his confidential data, such as his account details, should be updated and closed by the bank authorities to reflect the status ACCOUNT CLOSED, so that the data is complete and accurate. In addition, only an authorised person should be allowed to edit the account holder's details.
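The bank-account scenario above, as an added example that is not part of the original page: a record is sealed with an HMAC so that an unauthorised change is detected, and only an authorised role may update it. The key, the role names and the record fields are hypothetical values constructed for illustration.

```python
import hashlib
import hmac
import json

# Hypothetical key, role name and record fields, constructed for this example.
INTEGRITY_KEY = b"constructed-demo-key"
AUTHORISED_EDITORS = {"bank_officer"}


def seal(record: dict) -> str:
    """HMAC-SHA256 tag over a canonical JSON encoding of the record."""
    canonical = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(INTEGRITY_KEY, canonical, hashlib.sha256).hexdigest()


def verify(record: dict, tag: str) -> bool:
    """True only if the record still matches the tag it was sealed with."""
    return hmac.compare_digest(seal(record), tag)


def update_status(record: dict, tag: str, editor_role: str, new_status: str):
    """Apply an edit only for an authorised editor on an untampered record."""
    if editor_role not in AUTHORISED_EDITORS:
        raise PermissionError(f"{editor_role} may not edit account details")
    if not verify(record, tag):
        raise ValueError("stored record failed its integrity check")
    updated = {**record, "status": new_status}
    return updated, seal(updated)


def demo() -> dict:
    account = {"holder": "A. Sample", "number": "0000-TEST", "status": "ACTIVE"}
    tag = seal(account)
    # Authorised edit: the officer closes the account and gets a fresh tag.
    closed, closed_tag = update_status(account, tag, "bank_officer", "ACCOUNT CLOSED")
    results = {"closed_ok": verify(closed, closed_tag)}
    # Unauthorised change to the stored record, made without the key.
    tampered = {**closed, "status": "ACTIVE"}
    results["tamper_detected"] = not verify(tampered, closed_tag)
    # An unauthorised role is refused before anything is changed.
    try:
        update_status(closed, closed_tag, "visitor", "ACTIVE")
        results["unauthorised_refused"] = False
    except PermissionError:
        results["unauthorised_refused"] = True
    return results


if __name__ == "__main__":
    print(demo())
```

The tag only proves integrity while the key stays out of reach of whoever can write to the stored records.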
A – Availability
It means information must be available when needed. For example, if an employee joins a new organisation and the new company wants to do a background check on this employee, the authorities need to share the information related to the employee with the authorised source when it is needed.
What is the difference between InfoSec and cybersecurity?
Information security and cybersecurity are often confused. InfoSec is a crucial part of cybersecurity, but it refers exclusively to the processes designed for data security. Cybersecurity is a more general term that includes InfoSec.