Zimpapers Logo

Features Correspondent
Information is one of the prestigious assets an organisation can possess. What is information security? The words are simple, self-explanatory but a broad meaning can be drawn from them. It can be defined as the practice of protecting both physical and digital information from destruction or unauthorised access. With the advent of digital technology, the name has been commonly used in cyber world.

In Information Technology, it is sometimes referred to as computer security or as an act of providing trust of information from violation.

Security refers to the combination of systems, operations and internal controls to ensure integrity and confidentiality of data and operation procedures in an organisation.

Information security history dates back approximately to the early eighties. In 1980, the use of computers was concentrated in Computer Centres, where the implementation of computer security focused on securing physical computing infrastructure.

The evolution of the internet enabled businesses to quickly adopt its technology ecosystems, however this proved to be a great weakness from an information security perspective.

All users of computers and mobile devices with internet access must therefore always be alert to issues pertaining to information security.

Information can be easily spread through the inter-connected web. Most of us at home or at work have loads of data stored on storage devices that can in some way be accessed through the internet.

The improper disclosure of sensitive data can also cause harm and embarrassment. Recently, in cyberspace, there has been a buzz on the troublesome Ransomware.

According to Berkeley, Ransomware has been defined as a type of malicious software that infects a computer and restricts users’ access to it, until a ransom is paid to unlock it. Ransomware variants have been observed for several years and often attempt to extort money from victims by displaying an on-screen alert.

Typically, these alerts state that the user’s systems have been locked or that the user’s files have been encrypted. Users are told that unless a ransom is paid, access will not be restored. The ransom demanded from individuals varies greatly and must be paid in virtual currency, such as Bitcoin.

Protecting sensitive data is the end goal of almost all Information Technology security measures. Instead of waiting for a data breach, it is necessary to plan ahead.

Create a plan to review your data security status and policies and create routine processes to access, handle, and store the data safely. Archive data that is not needed.

Make sure you and your colleagues know how to respond if you have a data loss or data breach incident. The first step to secure computing is knowing what data you have and what levels of protection are required to keep the data both confidential and safe from loss. It is also necessary to keep relevant data thus saving space on your storage device.

Modern information security professionals often refer to a concept known as the CIA (Confidentiality, Integrity and Availability) triad.

The idea of confidentiality is simply to keep information out of the hands of people who are not authorised to have it. This is why it’s important to have strong computer and website passwords. It is also important to restrict access to emails or social media, in order to ensure that communications are kept private.

Integrity means keeping your information intact and this is an important part of information security. It is an awful feeling finding out that all your important computer files have been lost or deleted and there is no way of getting them back.

Availability is best ensured by rigorously maintaining all hardware by performing hardware repairs as quickly as possible when required as well as maintaining a correctly functioning operating system environment that is free of software conflicts.

In an organisation, information is an important business asset that is essential and thus needs the appropriate protection.

This is especially important in an increasingly inter-connected business environment, in which information is now exposed to a growing number and a wider variety of threats and vulnerabilities.

Increasingly, the damage caused by invasive issues such as malicious code, computer hacking by black hat hackers, and denial of service attacks have become more common and proved to be sophisticated.

So, by implementing information security measures in an organization, the technology assets in use within an organisation can be protected.

In terms of protecting the functionality of an organization, both general management and IT management are responsible for implementing information security measures that protect the organisation.

Most organisations such as Amazon, Google and Dropbox keep customer information, so it is crucial for them to ensure confidentiality and protect the information gathered.

Without information, a business cannot be run. By securing the information, it can enable the organisation to run business smoothly without interruption. This is why information security is extremely important in organisations.