Scribd
Upload
35 views6 pages

Information Security 1

Is a computing topic

Uploaded by

eg3363068
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
35 views6 pages

Information Security 1

Is a computing topic

Uploaded by

eg3363068
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

3.

JHS 2 Information security 1


Today 7 40 pm Life
Information security, often abbreviated as
InfoSec, refers to the practice of protecting
information and information systems from
unauthorized access, use, disclosure,
disruption, modi cation, or destruction. It
encompasses a broad range of measures,
policies, procedures, and technologies
designed to safeguard the con dentiality,
integrity, and availability of information
assets.
Reasons for information security
are:
1. **Con dentiality:**
Ensuring that information is accessible
only to those authorized to access it and
preventing unauthorized disclosure to third
pa ies.
2. **Integrity:**
Ensuring that information is accurate,
complete, and trustwo hy and protecting
it from unauthorized modi cation or
tampering.
3. **Availability:**
Ensuring that information and information
systems are available and accessible to
authorized users when needed and
protected from denial of se ice attacks or
other disruptions.
Ensuring Information security
involves various components and
practices, including:
1 **Access Control:**
Implementing mechanisms to control and
manage access to information and
resources based on user roles, permissions,
and authentication methods.
2. **Enc ption:**
Using enc ption techniques to encode
information in a way that only authorized
users can dec pt and access it, protecting
data from unauthorized interception or
theft.
3. **Firewalls and Intrusion Detection
Systems (IDS):**
Deploying rewalls and IDS to monitor
and control network tra c, detect and
prevent unauthorized access, and respond
to security incidents in real-time.
4. **Security Awareness Training:**
Educating users about security best
practices, threats, and risks, and promoting
a security-conscious culture within an
organization.
5. **Incident Response and
Management:** Establishing procedures
and protocols to detect, respond to, and
recover from security incidents, breaches,
or disruptions.
6. **Risk Management:** Identifying,
assessing, and mitigating security risks and
vulnerabilities to minimize the likelihood
and impact of security breaches.
7. **Compliance and Governance:**
Ensuring compliance with legal, regulato ,
and indust standards related to
information security and establishing
governance frameworks to oversee and
enforce security policies and practices.
E ective information security requires a
comprehensive and proactive approach
that addresses the evolving threat
landscape, adopts indust best practices,
and continuously monitors and improves
security controls to protect against
emerging threats and vulnerabilities.
Kindly study the note for discussion on our
next meeting... Thank you

You might also like