Identify risks in Information Security

ayeshshiddika11 · Post by **ayeshshiddika11** » Mon Jan 06, 2025 6:39 am

With technological advances come new concepts, new areas of knowledge, new niches of study... and one of them is Information Security . We all have some idea about this subject and its importance.

But really: What is Information Security? What does it consist of?

What is information security?

It is the set of mechanisms and activities that we apply to protect information. And along with it, we also protect our business processes, which operate using, precisely, information.

On the one hand, ordinary processes use information: clients, products, prices, contracts, etc. And on the other, an organization's own decision-making is based on the information it has about the organization itself, the market and the context. Information is, therefore, a high-value asset.

In order to protect information, it is not enough to do so only with its supports, the data warehouses. But all the computer systems involved in its management and processing, as well as communications, are also involved. Protecting information

consists of maintaining its three macedonia phone data pillars: confidentiality, integrity and availability.

Protecting confidentiality means preventing unauthorized persons from accessing information. Often, only this characteristic is thought of. But as we will see, it is not enough to ensure that an organization can continue its business processes.

Integrity is the property of information remaining correct, without unauthorized alterations. Possible unauthorized alterations obviously include its destruction. In general, the alteration of information can cause greater damage, since the decision-making and operations of the organization are based on incorrect information. Finally, availability consists of ensuring that the information will be accessible whenever it is needed, obviously by authorized personnel. In most cases, it is the most important property. And in many cases, the least attended to. Based on these main pillars, we could redefine or detail information security as the mechanisms intended to guarantee that the information is available to the organization and its processes (availability); that it is the correct information, without unauthorized alterations (integrity); and that unauthorized access does not occur (confidentiality).