WHAT IS SECURITY?
Understanding the technical aspects of information security requires that you know the definitions of certain information technology terms and concepts. In general, security is defined as “the quality or state of being secure—to be free from danger.”
Security is often achieved by means of several strategies usually undertaken simultaneously or used in combination with one another.
Specialized areas of security
o Physical security, which encompasses strategies to protect people, physical assets, and the workplace from various threats including fire, unauthorized access, or natural disasters
o Personal security, which overlaps with physical security in the protection of the people within the organization
o Operations security, which focuses on securing the organization’s ability to carry out its operational activities without interruption or compromise
o Communications security, which encompasses the protection of an organization’s communications media, technology, and content, and its ability to use these tools to achieve the organization’s objectives
o Network security, which addresses the protection of an organization’s data networking devices, connections, and contents, and the ability to use that network to accomplish the organization’s data communication functions
o Information security includes the broad areas of information security management, computer and data security, and network security.
Where it has been used?
ü Governments, military, financial institutions, hospitals, and private businesses.
ü Protecting confidential information is a business requirement.
Information Security components:
The C.I.A. triangle - confidentiality, integrity, and availability - has expanded into a more comprehensive list of critical characteristics of information. At the heart of the study of information security is the concept of policy. Policy, awareness, training, education, and technology are vital concepts for the protection of information and for keeping information systems from danger.