Information Security – Essay Example

Download full paperFile format: .doc, available for editing

Information SecurityIntroductionInformation security refers to the maintenance of privacy and integrity within the storage and transmission of information. Anytime unauthorized user accesses any kind of organizational information, the organizational security is breached. Information breach can be classified into five general groupings: messages interception, stealing stored information, changing or destroying information belonging to another party, spoofing as well as denial service which is the intentional shutdown of service machines. Hackers, intelligence bodies, criminals, business competitors, unhappy workers as well as other parties can try to infringe information security. Information security is about protection of information as well as information systems from unauthorized access, use, leak, disruption, modification, scrutiny, inspection or obliteration.

Business organizations have a lot of confidential information regarding their workers, clients, products and financial status. Most of this data is collected, processed and stored electronically and transmitted across networks to other storage devices. In case confidential information regarding a business’ clients or financial status is accessed by its competitors, such security breach can result into business loss, law suits and also business insolvency. As a result, protecting the organizational confidential information is a business obligation (Gregory 25-26).

There are several tools used in tightening information security, and it includes software scans for computer viruses or that safeguard against unauthorized infringement into computer systems from the networks; password systems, encrypting the messages and databases, physical access for computers, discs, pass cards, credit cards in addition to other equipments storing sensitive data. Whereas all these are vital when operating businesses, passwords along with encryption are possibly the most significant. It is easy to use the passwords. However, passwords alone cannot provide a high level security for many users.

First, most users are made to provide passwords for several varying systems including, banking, e-mail, shopping and such. Therefore, users are tempted to use short passwords which are simpler to remember and use the same password for several systems and this results into domino effect in case the password is guessed (Thomas 56). Cryptography is the procedure by which plaintext is encrypted to a ciphertext before being transmitted or stored, then decrypted when the authorized user wants to read the plaintext. Debatably, this is the most definitive means of information security.

Proper cryptography can protect the security of messages being transmitted and the database information. It can also by “authentication” act as a super-password system where the identity of the user can be confidently verified. Nevertheless, cryptography in a business organization augments the complexity, increases the costs and can result to shutdown of the systems (Chris 65). Information Security ComponentsThese components include, confidentiality, integrity in addition to Availability. Basically, information systems has three major portions namely, hardware, software and communications whose main aim is the identification and the application of information security standards as means of protection and prevention, at three heights; physical, personal and organizational.

Fundamentally, there are implemented policies for informing people on how to utilize products and on how to make sure that there is information security in the organizations. Therefore, information security involves protecting the information as well as information systems against unauthorized access or information interference, whether in storage, processing, or transfer and against denying of services to the authorized users. Information security comprises the measures essential for detecting, documenting and countering such information security threats.

Information security consists of computer security along with communications security (Chris 66-68).

Download full paperFile format: .doc, available for editing
Contact Us