I studied information security during my Bachelor of Technology. At that time it did not interest me, but later on I came to know the importance of information security. Any data that is logical is information, and this valuable information must be protected from unauthorized persons, natural calamities, and human error. The purpose of information security is to protect an organization’s valuable assets, such as information, hardware, and software. To prevent or minimize the impact of a security vulnerability, we need to follow these basic information security principles.
Principles of information security:
Confidentiality: Information can only be seen by the user.
Integrity: Information cannot be changed without the user’s permission.
Availability: Information is available whenever the user needs it.
Together, these are called the CIA triad.
We can understand this with the example of a bank system. Suppose a person goes to an ATM to withdraw cash. First, he/she needs an ATM card, and then he/she needs the password to access his/her account details; this represents the concept of confidentiality. After withdrawing the money, he/she gets an SMS alert, which shows the concept of integrity. His/her balance is also available to him/her all the time, which is an example of availability.