Friday, November 23, 2012

Information security

Information security is the process of protecting the availability, privacy, and integrity of data. While the term often describes measures and methods of increasing computer security, it also refers to the protection of any type of important data, such as personal diaries or the classified plot details of an upcoming book. No security system is foolproof, but taking basic and practical steps to protect data is critical for good information security.

Information security refers to the protection of these assets in order to achieve C-I-A (confidentiality, integrity, and availability), as outlined below:

C-I-A:

Confidentiality: protecting information from being disclosed to unauthorized parties.
Examples:
Personal: When submitted to a website, your personal data should be used or accessed only by designated staff in that company, for the purposes agreed. No one else should be allowed to use your data for illegal purposes, or view the data out of curiosity.

Business: Sensitive information, such as sales figures or client data, should only be accessed by authorized persons such as senior management and the sales team, and not other operations or departments.

Integrity: protecting information from being changed by unauthorized parties.
Examples:
Personal: When submitted to a website, your personal data should not be altered in any way during data transmission, or by the website company.

Business: Important documents or figures should not be changed or altered by unauthorized persons without prior notice.


Availability: making information available to authorized parties only, when requested.
Examples:
Personal: You should be able to access and check your personal data kept on a website at any time.
Business: Authorized senior management personnel should be able to access sales figures when needed; or clients should be able to access any of their data kept by the company when they request it.
