Information Security means protecting your data and preventing unauthorized access from unauthorized persons. Information Security is used to preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. The Information Security Forum (ISF) has published the Standard of Good Practice for Information Security, which is a practical and comprehensive, business-focused guide to identifying and managing information security risks in organizations. The standardization of Information Security took place due to collaboration between academics and professionals. They set basic policies and defined standards for factors such as password, firewall, encryption software, and antivirus software.
Importance of Information Security
The information security is important in the organization because it can protect the confidential information, enables the organization function, also enables the safe operation of an application implemented on the organization’s Information Technology system, and the information is an asset for an organization. Information security is crucial in the organization. All information stored in the organization should be kept secure. Information security will be defined as the protection of data from any threats of virus.
Advantages & Disadvantages
1. Lower the risk and the impact of an incident to your assets, being your assets: Data, systems, facilities, devices, processes, personnel.
2. Ensure a high level of confidence in the availability, integrity and confidentiality of your asset.
3. Protection from malicious attacks on your network.
4. Prevents users from unauthorized access to the network.
5. Securing confidential information.
1. Usability, the more secure you try to make IT systems it becomes less user-friendly, you will need to find a balance.
2. Cost, the more security may mean more investment, try to make sense of the solution to be sure it makes sense and the cost is not higher than the asset you trying to protect.
3. People: more people need to be involved, especially important people within an organization.
4. Difficult to work with for non-technical users
5. Restrictive to resources