| The process of protecting data from problems like unauthorized access, disclosure, use, modification, destruction or disruption is called information security. Computer security, information assurance and information security are related terms, but there are some subtle differences between them. The difference usually concerns the methodologies that are used and the areas of concentration. All of them have the goal of protecting the information. The area of concentration in information security is the integrity, availability and confidentiality of any data. This filed has a very rapid growth these years and it offers areas of specialization.
From the beginning of writing, heads of states and military leaders had the need to transmit valuable information. They needed some kind of protection so that even if the message was discovered, the enemies could not decipher it. At first the methods of information security were primitive. The Romans used wax seals or other sealing devices. In the World War II, the techniques became more sophisticated. The end of the 20th century saw huge advancements in data encryption and telecommunications. The equipment was now cheaper and information security was available for any person. It is needed for a personal computer or for military strategies. And there are levels of security that can satisfy any demand. Information's from a person's driver license are personal and confidential. But some people can have authorization to access it. In order to transact business, people need to give out their home address, phone number or other information. Persons that work in institutions that need this kind of data have access to the information, but aren't allowed to use it for personal purposes. Confidential information can only be used, accessed or copied with proper authorization. If an organization holds this kind of information they are obligated to offer complete confidentiality to its clients. In information security there are some terms that people need to know about. Integrity means that a certain data can't be changed, created or deleted without special authorization. The data stored in one system must be in agreement with other related data from another system. Integrity can be lost if some data files are deleted or a virus enters the system. For example integrity is lost when an online shopper can change the price of a product. The second term is availability. It means that the systems used to process information, security controls and the information are all available when the information is needed. There are laws that are governing information security. The most important laws and regulation are: UK data protection act from 1998, the computer misuse Act from 1990, Payment Card Industry Data Security Standard and the Personal Information Protection and Electronics Document Act. Even now, information security is still getting better and harder to overpass. People like hackers will always try to defeat the systems. There are a lot of professional organizations that have emerged in the last years. The profession of information security has appeared and it is increasing in demand. There are some colleges, universities and companies that have learning programs about information security or it can even be learned online to a certain level.
Back To Articles... |
