Information Security
Information security can be defined as the set of rules and techniques applied to keep information safe and within the limits set by the company or organization responsible for handling it.
It is worth mentioning that information security (InfoSec) has evolved throughout history. Although today it is closely associated with computing, that was not always the case.
For many hundreds of years, different methods have been used to protect valuable information, perhaps the most widely used being encryption: storing information in a form that is not ordinary language, so that a key is needed to understand what was written.
These techniques, and many others, are still used today to keep data secure and prevent it from falling into the hands of third parties who have no right to it.
Goals of Information security
As already stated, the objective of information security is to protect designated information and prevent it from reaching people who are not authorized to use it.
To achieve this, organizations that operate such systems adopt measures and techniques so that the information remains protected and cannot be stolen, manipulated, deleted, etc.
Nowadays the right information can be very dangerous in the wrong hands, so three aspects must be defined in order to classify information:
- The first aspect is how critical the information is, that is, how indispensable it is for a company, organization or individual.
- The second aspect is the value the information possesses, since in some cases it can be used in a way that harms or benefits others.
- The third aspect is sensitivity: the information must be accessible only to those who have sufficient authorization.
Difference between Cybersecurity and Information Security
We have already seen what information security is, but is it different from computer security or cybersecurity? Well, yes and no.
Currently most information is stored in computer systems; however, cybersecurity covers only computerized systems, while information security is a more general term that goes beyond computer security.
Cybersecurity focuses on protecting data stored in computer systems, such as computers, computer networks, data servers, web hosting, etc.
Another key aspect of cybersecurity that distinguishes it from information security is that security in computing terms refers not only to protecting data, but also to protecting the systems and applications themselves.
In the computing world there are different ways to attack a system, and this can be done with different objectives. Information theft is sometimes one of them, but there are also scenarios where the only goal is to interrupt a service or take it offline, as in the case of a denial-of-service attack that makes a website inaccessible.
It is worth mentioning that computer security faces a large number of different threats, since although advances in information technology provide new forms of protection, they also give rise to new threats, including:
- Viruses and malware: computer viruses and any kind of malicious software are very dangerous, since they can compromise entire systems.
- Users: users are perhaps the weakest link in the cybersecurity chain, as their actions can open security holes in a system.
- Personnel: the staff in charge of systems, computers, a network, dedicated servers or cloud hosting also represent a possible threat, since in the event of a labor dispute or internal conflict, it is the staff who have the quickest means to sabotage a system.
- Natural disasters and other incidents: no physical environment, or virtual environment that depends on a physical one, is safe from natural catastrophes such as tornadoes, earthquakes, volcanic eruptions, etc. The same applies to incidents such as theft, fire, landslides, accidents, etc.
- Programming flaws: the programming of a system, that is, its code, may contain security flaws or holes that a third party can exploit to gain access to the system or to steal data.
In summary, although information security is often confused with digital security or cybersecurity, they are two different concepts. Both emphasize data protection, but the main difference is that cybersecurity focuses on protecting information held in computer systems.
The objective of information security (InfoSec), on the other hand, is that the protected data does not leak outside the limits established by the company or institution in question (and that there is no repeat of recent cases such as LabCorp, reported by Krebs on Security, the well-known design software Canva, or the repeated cases of Facebook and its poor handling of its users' information).
Pillars on which security is based
There are three fundamental pillars on which security is based (often called the CIA triad):
- Confidentiality
- Availability
- Integrity
Action policies must be established for each situation, and the company must operate controls and processes that detect the potential risks that may arise.
1-Confidentiality
Confidentiality guarantees that the information and data collected will not be disclosed without authorization.
2-Availability
Availability ensures that authorized users can access the information whenever they need it.
3-Integrity
Integrity guarantees that data is accurate and has not been modified, whether by accident or by an unauthorized party; any such modification must be detectable.
Therefore, the main mission of security is to ensure that data, and its transmission, are handled correctly in a secure environment, using secure protocols (such as encryption) and techniques that avoid risk.
Types of Information Security
What types of information security exist? Should all data be treated the same way in terms of computer security? Let's look at the following examples:
1-Application security
Currently, most of the attacks a computer system or website receives are carried out through the application itself, rather than against the underlying system or its network.
The applications a company develops must be made as secure as possible, since that is where an attack will first try to achieve its objectives: the application is the first layer of interaction and the most accessible, often being public.
If an application is found to be insecure, it must be patched quickly to prevent further information loss, data manipulation, etc. It is even more important that applications have the best security measures built in before they are made available to the public; this saves time and resources compared with fixing flaws detected later.
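The kind of programming flaw described above, shown as an added example that is not part of the original article: a user lookup that concatenates untrusted input into a SQL statement (the flaw), beside the same lookup written with a parameterized query (the fix). The in-memory SQLite table, the usernames and the malicious input are all constructed for the demonstration.

```python
import sqlite3


def build_db():
    # Constructed sample table with a few fictitious users.
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    conn.commit()
    return conn


def lookup_user_vulnerable(conn, username):
    # Programming flaw: the untrusted value is pasted into the SQL text, so the
    # caller can change the structure of the statement, not just its data.
    query = "SELECT username, role FROM users WHERE username = '" + username + "'"
    return conn.execute(query).fetchall()


def lookup_user_hardened(conn, username):
    # Fix: a parameterized query. The driver transmits the value separately
    # from the statement, so the input can only ever be compared as a string.
    query = "SELECT username, role FROM users WHERE username = ?"
    return conn.execute(query, (username,)).fetchall()


def demo():
    conn = build_db()
    # Constructed malicious input: closes the string literal and appends a
    # condition that is always true, which turns the WHERE clause into a no-op.
    payload = "x' OR '1'='1"
    leaked = lookup_user_vulnerable(conn, payload)  # every row comes back
    safe = lookup_user_hardened(conn, payload)      # no user is literally named that
    legit = lookup_user_hardened(conn, "alice")     # normal use still works
    return len(leaked), len(safe), legit


if __name__ == "__main__":
    print(demo())
```

The hardened version needs no input filtering to be correct: the parameter binding is what removes the flaw, and filtering alone would leave the concatenation in place for the next bypass.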
2-Cloud security
Cloud security refers to the practices carried out to protect information and systems that are based in the computing cloud.
This type of security is similar to that of traditional computing, although it comes with the advantages of the cloud, which include lower operating costs, better resource utilization, pricing based on the resources actually used, and much faster scalability.
3-Cryptography
Cryptography, or more specifically encryption, is the name given to a set of techniques used so that certain data can be read only by those who hold the necessary key.
Those who do not possess the key will not be able to make sense of the encrypted data, while those who do can read it easily.
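An added example, not code from the original article, that serves both the pillars section above (confidentiality and integrity) and this cryptography section: a small keyed scheme built only from the Python standard library. Confidentiality comes from XORing the message with a keystream derived from the key (HMAC-SHA256 used as a pseudorandom function in counter mode), and integrity from an HMAC tag over the ciphertext, checked before anything is decrypted. The password, message and wire format are assumptions of the example. The construction is chosen so it runs without third-party packages; in production you would use a vetted authenticated cipher such as AES-GCM or ChaCha20-Poly1305 rather than assemble your own.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # PBKDF2 work factor; an assumption for the example


def derive_keys(password, salt):
    # Two independent keys from one password: one to encrypt, one to authenticate.
    material = hashlib.pbkdf2_hmac("sha256", password, salt, ITERATIONS, dklen=64)
    return material[:32], material[32:]


def keystream(enc_key, nonce, length):
    # HMAC-SHA256 as a PRF in counter mode: block i = HMAC(key, nonce || i).
    out = bytearray()
    counter = 0
    while len(out) < length:
        out.extend(hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), "sha256").digest())
        counter += 1
    return bytes(out[:length])


def encrypt(password, plaintext, salt=None, nonce=None):
    # Fresh random salt and nonce per message unless the caller supplies them.
    salt = os.urandom(16) if salt is None else salt
    nonce = os.urandom(16) if nonce is None else nonce
    enc_key, mac_key = derive_keys(password, salt)
    ks = keystream(enc_key, nonce, len(plaintext))
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, ks))
    # Encrypt-then-MAC: the tag covers everything the receiver will trust.
    tag = hmac.new(mac_key, salt + nonce + ciphertext, "sha256").digest()
    # Assumed wire format: salt (16) | nonce (16) | ciphertext | tag (32)
    return salt + nonce + ciphertext + tag


def decrypt(password, blob):
    salt, nonce, body, tag = blob[:16], blob[16:32], blob[32:-32], blob[-32:]
    enc_key, mac_key = derive_keys(password, salt)
    expected = hmac.new(mac_key, salt + nonce + body, "sha256").digest()
    # Integrity first, in constant time: a modified message or a wrong key is
    # rejected before a single byte of plaintext is produced.
    if not hmac.compare_digest(expected, tag):
        raise ValueError("integrity check failed: data modified or wrong key")
    ks = keystream(enc_key, nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, ks))


def demo():
    # Constructed message and passwords for the demonstration.
    secret = b"customer list: alice, bob"
    blob = encrypt(b"correct horse battery staple", secret)
    # Confidentiality: only the right key recovers the message.
    recovered = decrypt(b"correct horse battery staple", blob)
    try:
        decrypt(b"wrong password", blob)
        wrong_key_rejected = False
    except ValueError:
        wrong_key_rejected = True
    # Integrity: flip one bit inside the ciphertext and the tag no longer matches.
    tampered = bytearray(blob)
    tampered[40] ^= 0x01
    try:
        decrypt(b"correct horse battery staple", bytes(tampered))
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return recovered == secret, wrong_key_rejected, tamper_detected


if __name__ == "__main__":
    print(demo())
```

Two points a practitioner should take from the block: encryption alone gives confidentiality but not integrity (a flipped ciphertext bit would silently flip a plaintext bit), which is why the tag is mandatory; and the tag is verified with a constant-time comparison so that the check itself does not leak information about the expected value.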
4-Infrastructure Security
These are the techniques and rules used to protect an infrastructure of systems and services. In general, infrastructure security can be divided into layers, such as: hardware, system software, user management, cloud storage systems, communication and network systems, and finally operational systems.
Each of the aforementioned layers has its own security rules and procedures, which together will shape the security of the entire infrastructure.
5-Incident response
Responding to a security incident in an information technology context is critically important: if the security of a system is breached, it must be possible to respond to the incident quickly, decisively and efficiently.
Incident response should be planned in advance, so that the team can work effectively without having to improvise on the fly.
6-Vulnerability Management
There are different methods for managing the vulnerabilities an organization may face. The first step is identifying systems: vulnerable systems must be identified so that they can be prioritized.
Vulnerability scanning comes second, since this type of testing is essential before the security of a system can be trusted. If vulnerabilities are detected, the next step is to analyze them.
Thanks to that analysis, the corresponding security patches can be applied; afterwards a new scan is run and, if everything is correct, proactive monitoring and maintenance follow.
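The identify, scan, prioritize, patch and rescan cycle above, as an added example that is not part of the original article. The host inventory, the installed packages, the advisory list and the "ADV-" identifiers are all constructed and hypothetical; the scoring rule (host criticality times advisory severity) is likewise an assumption of the example, not a standard. The version comparison is the part that usually goes wrong in home-grown tooling, so it is done numerically rather than as a string compare.

```python
import copy
import re

# Constructed inventory: hypothetical hosts, a business criticality rating
# (1 low .. 5 high) and the package versions the identification step found.
INVENTORY = {
    "web-01": {"criticality": 3, "packages": {"openssl": "1.1.1k", "nginx": "1.18.0"}},
    "db-01": {"criticality": 5, "packages": {"postgresql": "12.3", "openssl": "1.1.1q"}},
    "dev-vm": {"criticality": 1, "packages": {"nginx": "1.18.0", "python": "3.8.2"}},
}

# Constructed advisories (hypothetical IDs, fix versions and severities).
ADVISORIES = [
    {"id": "ADV-0001", "package": "openssl", "fixed_in": "1.1.1l", "severity": 9.8},
    {"id": "ADV-0002", "package": "nginx", "fixed_in": "1.20.1", "severity": 7.5},
    {"id": "ADV-0003", "package": "python", "fixed_in": "3.8.3", "severity": 4.3},
]


def parse_version(version):
    # "1.1.1k" -> ((0, 1), (0, 1), (0, 1), (1, "k")). Numeric parts compare as
    # integers, so "1.10" sorts after "1.9"; plain string comparison gets that wrong.
    parts = re.findall(r"\d+|[A-Za-z]+", version)
    return tuple((0, int(p)) if p.isdigit() else (1, p) for p in parts)


def is_vulnerable(installed, fixed_in):
    # Affected if the installed version is older than the version that fixes it.
    return parse_version(installed) < parse_version(fixed_in)


def scan(inventory, advisories):
    # Match every host's packages against the advisories and rank the findings
    # so the most exposed, most important systems are patched first.
    findings = []
    for host, info in inventory.items():
        for adv in advisories:
            installed = info["packages"].get(adv["package"])
            if installed is not None and is_vulnerable(installed, adv["fixed_in"]):
                findings.append({
                    "host": host,
                    "advisory": adv["id"],
                    "package": adv["package"],
                    "installed": installed,
                    "fixed_in": adv["fixed_in"],
                    "score": round(info["criticality"] * adv["severity"], 1),
                })
    findings.sort(key=lambda f: f["score"], reverse=True)
    return findings


def patch(inventory, host, package, new_version):
    # Record the patch without mutating the original inventory; the rescan
    # then shows whether the finding is really gone.
    patched = copy.deepcopy(inventory)
    patched[host]["packages"][package] = new_version
    return patched


if __name__ == "__main__":
    for f in scan(INVENTORY, ADVISORIES):
        print(f"{f['score']:5}  {f['host']:7} {f['advisory']} {f['package']} "
              f"{f['installed']} -> {f['fixed_in']}")
    after = patch(INVENTORY, "web-01", "openssl", "1.1.1l")
    print("after patch:", [(f["host"], f["advisory"]) for f in scan(after, ADVISORIES)])
```

Running it lists the web server's OpenSSL finding first (high severity on a moderately critical host), and the rescan after patching that package shows the finding gone while the remaining three stay queued; the database host, which has no affected package, never appears.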