The Three Pillars of Information Protection

Information security is the process of reducing risk by creating secure systems that reduce or eliminate vulnerabilities that could be exploited to gain unauthorized access to sensitive business or personal information. It also includes a variety of technological solutions such as firewalls, antivirus and encryption to protect against damage caused by data theft or loss. This area is often referred to as InfoSec and has evolved into a specialized field that covers everything from security of networks and infrastructure to auditing and testing.

Whatever the size or nature, every business holds sensitive information. This includes names as well as credit card or other account details, Social Security numbers, employee records and other confidential information. If misused these details could be used to commit fraud or identity theft, and can have devastating consequences to the reputation of a business.

A comprehensive strategy for protecting information is vital to safeguard a business from incidents and to ensure compliance with regulations. In this regard, it’s important to remember that there are three pillars of security for information that are important to consider: integrity, confidentiality and accessibility.

Confidentiality is the term used to protect data from unauthorized disclosure and keeping it only accessible to those who are authorized to do so. This can be accomplished with simple solutions such as using strong passwords and frequent changes, using encryption to block information so it can only be read by those who have the key, or utilizing messaging platforms that secure your messages. Another aspect of protecting information is the ability to ensure that information is always available and can be restored in case of a disaster or system failure. This is achieved by backups and archive solutions.