Information Security Best Practice

Information security is the hot topic on everyone's lips, and it's not going away anytime soon. Conosco Information Security Manager Hylton Stewart will help you understand information security best practices and priorities.
 
LONDON - Feb. 13, 2018 - PRLog --

WHAT IS INFORMATION SECURITY?
Information security is a general term that applies to the security of electronic information within Information Technology (often referred to as Cyber Security), as well as the security of physical information and physical assets. It is the practice of preventing (or mitigating against) unauthorised access, use, disclosure, disruption, modification, inspection, recording or destruction of information – both electronic and physical.

It is important to remember that there is no such thing as perfect security, meaning that it's impossible to defend against all potential threats, all of the time. The goal of information security is to mitigate the likelihood and impact of potential threats. This is done by implementing various defences (often referred to as controls), to reduce either the potential likelihood of a threat occurring, or to reduce the potential impact on the organisation.

THE THREE CORNERS OF THE INFORMATION SECURITY TRIAD

There are three general areas that need to be considered when protecting information and assets, often referred to as the Information Security Triad:

Confidentiality – information should not be available or disclosed to unauthorised individuals, processes or entities
Integrity – the accuracy and completeness of information should be maintained, and information should not be modified in an unauthorised or undetected manner
Availability – information (and the assets used to store and process it) should be available when needed

YOUR BUSINESS' SECURITY SAFEGUARDS
There are many safeguards that can be put in place to improve the information security of an organisation, many of which depend on various factors such as the organisation's risk appetite, the type of business, and the complexity of the organisation and its information.

These controls can be broadly categorised as:

Management – documented policies, work procedures, standards and guidelines written by the organisation and imposed by regulatory and compliance requirements. Management also includes planning and risk assessment.
Technical – IT-implemented controls that use software and data to monitor and control access to information and systems. These include enforced password changes, permissions on files and folders, and network firewalls.
Operational – daily tasks related to operating the organisation, including configuration (change) management, maintenance, incident response, and personnel security.

There are many controls that can be implemented to mitigate the risks posed by threats. In the next article, we'll list specific information security best practices that all organisations should consider.

In the meantime, if you have any questions about the information security of your business, get in touch with one of the experts at the Conosco Security Division: securitydivision@conosco.com.

Media Contact
Conosco
info@conosco.com
02035070418
End