Information Security

"Information is meaningful and useful data: data that has been processed, refined, analyzed or structured, that is relevant to the criteria at hand, and that is verifiable and documented as needed."

"Information is an asset that, like other important assets, has value for an organization."

"Information system: applications, services, information technology assets, or other information handling components" (ISO/IEC 27000:2017, clause 2.39)

"Threat: potential cause of an unwanted incident, which may result in harm to a system or organization" (ISO/IEC 27000:2017, clause 2.83)

"Attack: attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset" (ISO/IEC 27000:2017, clause 2.3)

"Information security: preservation of confidentiality, integrity and availability of information" (ISO/IEC 27000:2017, clause 2.33)


Information security, or InfoSec, is a broad discipline that deals with protecting an organization's sensitive information and data assets against unauthorized access, disclosure, modification, and destruction. It includes a wide range of policies, practices, technologies, and methods aimed at preserving the confidentiality, integrity, and availability (CIA) of data throughout its life cycle.

Here is a more detailed breakdown of the main elements of information security:

1. Confidentiality: Preventing unauthorized persons, processes or systems from accessing information, so that sensitive data is seen only by those who are authorized to see it. Access controls, encryption, and user authentication are the main means of achieving confidentiality.

2. Integrity: Making certain that data is accurate, consistent, complete and reliable, and that it is not tampered with or modified by unauthorized persons or processes. Input validation, checksums, message authentication codes (MACs) and digital signatures help preserve integrity. Note that a plain checksum or hash only detects accidental corruption: an attacker who can change the data can recompute it. Detecting deliberate tampering requires a keyed MAC or a digital signature, which cannot be forged without the key.

3. Availability: Ensuring that information, and the systems that hold it, are accessible to authorized users when they are needed. This includes withstanding disruptions such as denial-of-service (DoS) attacks, hardware failures and outages. Redundancy, backups, disaster recovery plans, and network resilience are used to maintain availability.

4. Authentication: The process of verifying the identity of persons, systems, or other entities seeking to access data. Passwords, biometrics, smart cards, and multi-factor authentication (MFA) are all methods of authentication.

5. Authorization: The process of granting persons or entities suitable access rights and permissions based on their authenticated identity. Authorization mechanisms govern what actions users may perform and what data they can access; a sound design denies by default and grants only what each role needs.

6. Data Classification: Labelling information according to its importance and sensitivity to the organization (for example public, internal, confidential), so that more stringent controls can be applied to the most sensitive data.

7. Encryption: The process of transforming data into a form that is unreadable without the corresponding decryption key. Encryption is used to safeguard data in transit as well as at rest.

8. Security Policies and Procedures: Creating and enforcing a set of rules and procedures that govern how information is handled, shared, and safeguarded within an organization. This includes acceptable-use policies, incident response procedures, and data retention rules.

9. Security Awareness and Training: Informing employees and stakeholders about security best practices, current threats, and their own responsibilities in information security. Training programs reduce human error and the success rate of social engineering attacks.

10. Access Control: Putting in place mechanisms that limit access to information to authorized users only. This encompasses role-based access control (RBAC), privilege management, and the principle of least privilege.

11. Physical Security: Preventing unauthorized access, theft, or damage to physical assets such as servers, data centers, and paper records. Access control systems, monitoring, and secure facilities are examples of physical security measures.

12. Risk Management: The identification, assessment, and mitigation of information security risks. This includes assessing potential threats, vulnerabilities, and the impact of security incidents.

13. Compliance: Ensuring that the organization meets legal, regulatory, and industry-specific information security requirements. Audits and reporting are frequently used to demonstrate compliance.

14. Security Technologies: Using a range of security technologies to guard against cyber threats, such as firewalls, intrusion detection and prevention systems (IDPS), anti-malware software, and security information and event management (SIEM) tools.
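The following is an added worked example, not code from the original post. It puts three of the controls listed above into a small record store: data classification (each record carries a sensitivity label), authorization through RBAC with deny-by-default and least privilege, and integrity through a keyed HMAC-SHA256 tag that is checked on every read, so that a change made behind the store's back is detected. The role names, classification levels, policy table, key and sample records are all constructed for the example; only the Python standard library is used.

```python
"""Added example: classification, RBAC authorization and HMAC integrity
in one small record store. Roles, levels, policy, key and records are
all constructed for illustration."""
import hashlib
import hmac
import json
import secrets
from typing import Optional

# Classification levels, lowest to highest (constructed for the example).
LEVELS = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}

# RBAC policy: role -> highest classification it may READ / WRITE.
# Anything not listed here is denied (deny by default).
POLICY = {
    "analyst": {"read": "internal", "write": "public"},
    "engineer": {"read": "confidential", "write": "internal"},
    "security_admin": {"read": "restricted", "write": "restricted"},
}


def authorize(role: str, action: str, classification: str) -> bool:
    """Least privilege: allow only if the role's ceiling for this action is
    at or above the record's classification. An unknown role, action or
    label yields False rather than an exception a caller might swallow."""
    ceiling = POLICY.get(role, {}).get(action)
    if ceiling is None or classification not in LEVELS:
        return False
    return LEVELS[classification] <= LEVELS[ceiling]


class RecordStore:
    """Keeps (classification, body) per record plus an HMAC-SHA256 tag.
    Someone who can edit the stored bytes but does not hold `key` cannot
    produce a valid tag, unlike a plain checksum they could recompute."""

    def __init__(self, key: bytes):
        self._key = key
        self._rows = {}

    def _tag(self, rid: str, classification: str, body: str) -> str:
        # Canonical JSON so the tag binds id, label and body together;
        # moving a body under another id or label would not verify.
        msg = json.dumps([rid, classification, body], separators=(",", ":")).encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def write(self, role: str, rid: str, classification: str, body: str) -> bool:
        if not authorize(role, "write", classification):
            return False
        self._rows[rid] = {"cls": classification, "body": body,
                           "tag": self._tag(rid, classification, body)}
        return True

    def read(self, role: str, rid: str) -> Optional[str]:
        row = self._rows.get(rid)
        if row is None or not authorize(role, "read", row["cls"]):
            return None  # same answer for "missing" and "forbidden"
        expected = self._tag(rid, row["cls"], row["body"])
        # Constant-time comparison avoids leaking the tag byte by byte.
        if not hmac.compare_digest(expected, row["tag"]):
            raise ValueError(f"integrity check failed for record {rid}")
        return row["body"]

    def raw_edit(self, rid: str, body: str) -> None:
        """Simulates an attacker or faulty process changing storage
        directly, bypassing write() and therefore the tag."""
        self._rows[rid]["body"] = body


def demo() -> dict:
    """Runs the scenario and returns the observed outcomes."""
    store = RecordStore(secrets.token_bytes(32))
    store.write("security_admin", "r1", "internal", "Q3 roadmap")
    store.write("security_admin", "r2", "confidential", "salary bands")
    result = {
        "analyst_reads_internal": store.read("analyst", "r1"),
        "analyst_reads_confidential": store.read("analyst", "r2"),
        "analyst_writes_internal": store.write("analyst", "r3", "internal", "x"),
        "unknown_role_reads": store.read("intern", "r1"),
    }
    store.raw_edit("r1", "Q3 roadmap (edited)")
    try:
        store.read("engineer", "r1")
        result["tamper_detected"] = False
    except ValueError:
        result["tamper_detected"] = True
    return result


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

In the demo the analyst can read the internal record but is refused the confidential one and cannot write at internal level, an unknown role gets nothing, and the edit made behind the store's back is caught the next time the record is read. Replacing the HMAC with a digital signature would give the same tamper detection while also letting readers verify the tag without holding the secret key.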


Effective information security is a continuous effort that requires technical controls, policies, and an organizational culture that prioritizes security. In an age where data breaches and cyberattacks are common, protecting sensitive information is essential to an organization's reputation, financial stability, and legal compliance.

