‘Information security’ in the broadest sense is the protection of information and assets from malicious elements. Individuals and organizations are both subjected to virus, ransomware, data breach attacks and hence this concept of ‘information security’ applies to all. Let us see a few of the ‘Information security’ concepts being applied to organizations as well as individuals.
Physical security is one of the most easily understood concepts of Information security. CCTV cameras, security badges, biometrics, security guards are all examples of common physical security measures that can protect an organization.
For an individual again, physical security measures will involve security guards and CCTV cameras to protect vital resources at home.
‘Security policy’ is a physical document that states how the different assets are to be secured or how certain aspects in a company should be used (for example, how email should be used, how passwords should be constructed)
This concept comes into play as various organizations ponder how they should regulate emails, handle data breaches, implement password policy to name a few of the aspects. Implementing security policies from SANS institute will definitely improve the security posture of an organization.
Security policies hence form a vital block in any organization.
Some sectors such as the financial sector have to implement a much more robust security architecture. Banking websites will be prone to attacks and hence they have to harden their systems.
High prolific websites must make use of network security principles,encryption and end-point security to make sure that the data that they possess does not fall into wrong hands.
Identity and access management:
Most of the transactions today are conducted online. Just making sure that the correct individual is authenticated and given access to his online resources is the broad concept of identity management.
This again must be implemented in all websites that deal with shopping, banking, email and finance management.
In addition to the above concepts, firewalls, anti-virus software, VPN software are other examples of popular security measures that are used by individuals and organizations.
This post is for alphabet ‘U’ of the BlogchatterA2Z challenge… the previous alphabets are listed here: