Information Security



Faculty Mentor:
Dr. Manjot Kaur Bhatia

Student Name:
Priyanshi Gupta (MCA-2 nd Year)
Nikita Marwah (MCA-2 nd Year)


Introduction

Being in 21st century, seeing technological transformations is not a big deal any more. Today where there are no limits to the enhancements of technological aspects, it has become possible for one to get all his day to day work done using technologies like desktops and mobile phones, while sitting on a chair. Whether it comes to shopping or paying electricity bills of their place, human are getting advanced in terms of IT usage. And with the improvement of networks, it is now easy for one to reach any point or perform any sort of work on the internet, without regard to the geographical or time boundaries. But what when you come to know that whatever information you shared with your electronics is not secured anymore. Data have always played the biggest role while performing any work. One can say that the value of a business is in its data. No matter how small or big a company is, they always need to have a plan to keep their customer’s information secured enough. A secured place is always successful in inviting more individuals. And today, securing your information has become a massive task. Information security itself includes the securing of a person’s private data from unauthorized access, modifications, disclosures or any unwanted recordings or destructions.

2.WHAT IS INFORMATION SECURITY?

The practice of keeping essentials safe and only allowing access to information to people who are authorized to see it is what we call INFORMTION SECURITY. Whether it is digital or non-digital information, IS contains the strategies for managing the processes and tools to detect and prevent the threats to it. It is critical for every business to keep its data secured and protected as the value of an organization leads within its data. U.S. Central Intelligence Agency was the one who started this concept of securing their data and they made sure that their data is not being altered or used by anyone who is not authorized to access it. Information security is a much broader concept enclosing all records under the control of an organization. Now a days companies are recruiting dedicated groups for safe-guarding the security concerns of the organization.


image

3.PRINCIPLES OF INFORMATION SECURITY

Information security governs the following overarching four principles:

3.1.Confidentiality:

Confidentiality is the property, in which information in the system not disclosed to everyone, only authorized users can access it. It gives privacy to information to protect it from unauthorized access. This type of protection is important in military and organizations that need to keep plans from being compromised as it allows only specific users to access the information.

3.2.Integrity:

Integrity is to prevent system information from errors as it ensures the accuracy and completeness of the information. No user be able to modify information in an unauthorized way to ensure that information is maintained in the correct state that is expected by the users and they get the most reliable information without any modification.

3.3.Availability:

Information must be available when it is required. Availability of information makes information available for use to authorized users by preventing system failures, natural disaster and denial-of-service attacks, which forces the system to shut down.

3.4.Non-repudiation:

Users cannot deny to send or receive the message or any information. In cryptography, a message matches the digital signature signed with the sender’s private key. Sender sent a message that nobody else has reformed it because only the receiver has a key to encrypt the information and this secures the information from the attackers who might attack. In recent years, information security is more essential for military areas , private businesses and in government sectors as it has grown remarkably.

4.WHO IS RESPONSIBLE FOR INFORMATION SECURITY?

It’s not difficult to answer this question as the one who is utterly accountable to information security is “everyone”. Everyone is responsible for securing the data within a business. This can refer from the ceo of the company to any other employee. Some are more accountable than others, while some have a clear legal responsibility but everyone is somewhere involved. Data security is a huge strand for customer satisfaction and hence acquired by organization worldwide. Adopting security means can mean trouble for anyone. As the data volume within the Internet increased, so the need to increase the range of information security policy. Hence, it is not wrong to say that security policy has to be taken by every single person engaged with the organization.

5.NEED OF INFORMATION SECURITY

With the enhancing use of technology data is obtaining larger day by day thus the data security has become necessary to secure valuable data that is considered as an assets for each organization, from being compromised. It prevents from several software system attacks like virus, worms, Trojan horses etc, stealing of the data and information extortion as threat reaches the information through the vulnerability and therefore information security defend necessary information from the threat. the information security is required for the subsequent given reasons.
  • Users have information that has to be unbroken confidential and correct.
  • Data that has to be obtainable when user need it.
  • To cut back the chance of unauthorized access to data.
  • Prevent the information from extralegal updating and deletion.
  • Guaranteeing for liableness its completeness.
  • Roadblocks to access the personal information.
  • It prevents loss of the information.
To safeguard the information from deviating the information packets within the network for infinitely very long time and this increasing in congestion and makes destination machine fails to capture it.

6.HOW TO KEEP INFORMATION SECURED?

It’s important to be conscious when it comes about the privacy of your data. With the enhanced usage of internet technologies, it has become a need for everyone to keep their data preserved. Keeping passwords, financial, digital and non-digital information safe from unauthorized ones has always been a priority for businesses, but it is also critical for individuals to let their personal information be secured. And certain policies are thus planned for the same. A number of steps are there which can be taken by one to protect their data, most of which are inexpensive and easy to implement.
  • Encryption is one of the most popular security method where data is encoded at the sending end and can only be decrypted by the user who is intended to receive. This technique is applicable to all kind of data protection ranging from government intel to personal credit card transactions.
  • Back-up plans, a frequently used term, when it comes to perform something extremely important. But it tends to be more beneficial when your servers are also ready to be backed up. And also the data that is not on servers, shouldn’t it be backed up..!!
  • Basically backup is all about creating duplicate copy of our data so that if the data is lost or stolen, we don’t lose our important information.
  • Protected password is the first step of defense against unauthorized users and other threats. Information with a well-built password is never easy to be hacked by anyone. There should be a creativity while using password. Make sure your computers, servers, wi-fi connections all are having password protections.
  • Keep the access to your data within the bounds. It’s not so good when you free the access to your data. Unknowingly you open gates for the hackers. It is better to keep your data secured and give access to only recognized and intended user.
  • Hold your delicate data out of cloud. The number of cloud user increases day by day, and it’s not going to slow down. Today not only for exchanging information but we also use cloud to store data permanently. Defining who and under which conditions can access the data on cloud, is one of the major issues. Second issue is that the place where we store data, has actually no rules or we can say its own rules. Therefore, if one day you have to give up your data, it will be not a big deal.
It is thus, everyone’s responsibility to keep their data secured enough either by the security policy or by their own means, but the eventual goal should be reached.

7.ADVANTAGES OF INFORMATION SECURITY

As thousands of data exchanged daily which might simply be theft by attackers, to form your data secure and defend it from unauthorized access or provide them access to the licensed folks so nobody can modify it or destroy the precious information because it is that the most respected plus of any organization and its protection is furthermore a crucial half. It shouldn't be compromised and not restricted to the natural disasters or amiss of the system. Securing data has been established to advantageous as follows:
  • Information security keeps the information personal from unauthorized users.
  • It helps the information to be accurate.
  • It helps data obtainable to authorized users in the slightest degree times.
  • It will increase the confidentiality of information.
  • It helps in halting the various sorts of spam that infect the information.
  • It makes the information free from errors.
  • It depreciates the impact of security incidents.
  • It manages the acknowledgment of the message received by the receiver so as to safeguard from denial of message by the sender and conjointly protect the denial from the aspect of the receiver. It regulates the user to send somebody else message to a different user because the data has the encryption private key that cannot be encrypted by other users.

8.DISADVANTAGES OF INFORMATION SECURITY

Nowadays there's an outsized range of data which might be kept within the kind of bits and bytes and processed in digital type and hence use of cryptography is vital in use to make the information secured in encrypted form and solely licensed user can rewrite the information with the actual decoding key however the cryptography for the information is pricey, long , it should result in delay and needs additional budget on the upkeep of the personal key and originated the entire state of affairs in needed system. As technology is dynamical a day so users should purchase upgraded data security. Since the technology is usually dynamical nothing can ever be fully secure. It conjointly slows down productivity if the user constantly entering the password. Due to the high availability of the information security not only cryptography is sufficient, other methods must be used to prevent the threats and secure the important information.

9.CONCLUSION

Information security is plays an important role to protect information from unauthorized access and any kind of modification or deletion of information. It should not be taken lightly when considering the result of being compromised. Challenges to maintain the privacy and accuracy of information are taken into consideration. In this article, security issues of information are discussed. Through it is important to maintain the information from an unauthorized access to maintain privacy by ensuring the confidentiality, integrity, and availability of information.

10.REFERENCES

[1]https://searchsecurity.techtarget.com/definition
/information-security-infosec
[2]https://thefintechtimes.com/information-security/
[3]http://www.pearsonitcertification.com/articles/
article.aspx?p=2218577&seqNum=3
[4]https://www.cisco.com/c/en/us/products/security/
what-is-it-security.html
[5]https://www.uniassignment.com/essay-samples/
information-technology/importance-of-information-security-in-organizations
-information-technology-essay.php
[6]http://anton-capria.blogspot.com/2009/02/information
-security-advantages-and.html?m=1
[7]https://www.geeksforgeeks.org/what-is-information-security/amp/
[8]https://en.m.wikipedia.org/wiki/Information_security

Copyright © 2019, JIMS