Information security
Information Security[edit | edit source]
Information security refers to the practices and operations involved in protecting and defending information and IT systems against unauthorized access, use, disclosure, disruption, modification, or destruction. The core objectives of information security are to ensure the availability, integrity, authentication, confidentiality, and non-repudiation of data and systems. This encompasses a wide range of measures, including the development of policies, the use of technology, and the training of personnel to guard against risks and to enable the safe, uninterrupted use of information technology resources.
Objectives[edit | edit source]
- Availability: Ensuring timely and reliable access to and use of information and IT resources.
- Integrity: Safeguarding the accuracy and completeness of information and processing methods.
- Authentication: The process of verifying the identity of a user or IT resource.
- Confidentiality: Preserving authorized restrictions on information access and disclosure.
- Non-repudiation: Guaranteeing that a sender cannot deny the authenticity of their sent message and that the recipient cannot deny receipt.
Key Practices[edit | edit source]
- Risk Management: Identifying, assessing, and taking steps to minimize risks to information security.
- Cryptography: Using encryption to protect information stored on IT systems or transmitted through networks.
- Access Control: Implementing policies and technologies to restrict access to information and IT resources.
- Incident Response: Preparing for and managing breaches or attacks to minimize damage and recover from incidents.
- Business Continuity Planning: Ensuring the continued operation of IT systems in the face of disruptions.
Challenges[edit | edit source]
Information security faces challenges from a variety of threats, including malware, phishing, ransomware, and insider threats. Emerging technologies such as cloud computing and the Internet of Things (IoT) also introduce new vulnerabilities.
Glossary of Information Security Terms[edit | edit source]
- Access Control - A security technique that regulates who or what can view or use resources in a computing environment.
- Cryptography - The practice and study of techniques for secure communication in the presence of adversaries.
- Firewall - A network security device that monitors and filters incoming and outgoing network traffic based on an organization’s previously established security policies.
- Intrusion Detection System (IDS) - A device or software application that monitors a network or systems for malicious activity or policy violations.
- Malware - Software designed to disrupt, damage, or gain unauthorized access to a computer system.
- Phishing - The fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details by disguising as a trustworthy entity in an electronic communication.
- Ransomware - A type of malicious software designed to block access to a computer system until a sum of money is paid.
- Risk Management - The process of identifying, assessing, and controlling threats to an organization's capital and earnings.
- VPN (Virtual Private Network) - A service that allows you to connect to the Internet via a server run by a VPN provider, creating a secure connection to protect your privacy and ensure secure and anonymous browsing.
Search WikiMD
Ad.Tired of being Overweight? Try W8MD's physician weight loss program.
Semaglutide (Ozempic / Wegovy and Tirzepatide (Mounjaro / Zepbound) available.
Advertise on WikiMD
WikiMD's Wellness Encyclopedia |
Let Food Be Thy Medicine Medicine Thy Food - Hippocrates |
Translate this page: - East Asian
中文,
日本,
한국어,
South Asian
हिन्दी,
தமிழ்,
తెలుగు,
Urdu,
ಕನ್ನಡ,
Southeast Asian
Indonesian,
Vietnamese,
Thai,
မြန်မာဘာသာ,
বাংলা
European
español,
Deutsch,
français,
Greek,
português do Brasil,
polski,
română,
русский,
Nederlands,
norsk,
svenska,
suomi,
Italian
Middle Eastern & African
عربى,
Turkish,
Persian,
Hebrew,
Afrikaans,
isiZulu,
Kiswahili,
Other
Bulgarian,
Hungarian,
Czech,
Swedish,
മലയാളം,
मराठी,
ਪੰਜਾਬੀ,
ગુજરાતી,
Portuguese,
Ukrainian
Medical Disclaimer: WikiMD is not a substitute for professional medical advice. The information on WikiMD is provided as an information resource only, may be incorrect, outdated or misleading, and is not to be used or relied on for any diagnostic or treatment purposes. Please consult your health care provider before making any healthcare decisions or for guidance about a specific medical condition. WikiMD expressly disclaims responsibility, and shall have no liability, for any damages, loss, injury, or liability whatsoever suffered as a result of your reliance on the information contained in this site. By visiting this site you agree to the foregoing terms and conditions, which may from time to time be changed or supplemented by WikiMD. If you do not agree to the foregoing terms and conditions, you should not enter or use this site. See full disclaimer.
Credits:Most images are courtesy of Wikimedia commons, and templates Wikipedia, licensed under CC BY SA or similar.
Contributors: Prab R. Tumpati, MD