What Is Information Security?

Information security is the application of measures to ensure the safety and privacy of data by managing its storage and distribution. Information security has both technical and social implications. The first simply deals with the ‘how’ and ‘how much’ question of applying secure measures at a reasonable cost. The second grapples with issues of individual freedom, public concerns, legal standards and how the need for privacy intersects them. This discussion covers a range of options open to business managers, system planners and programmers that will contribute to your ultimate security strategy. The eventual choice rests with the system designer and issuer.

The Elements Of Data Security 

In implementing a security system, all data networks deal with the following main elements:

1) Hardware, including servers, redundant mass storage devices, communication channels and lines, hardware tokens (smart cards) and remotely located devices (e.g., thin clients or Internet appliances) serving as interfaces between users and computers

2) Software, including operating systems, database management systems, communication and security application programs

3) Data, including databases containing customer - related information.

4) Personnel, to act as originators and/or users of the data; professional personnel, clerical staff, administrative personnel, and computer staff