information security

Also found in: Dictionary, Thesaurus, Medical, Legal, Financial, Acronyms, Wikipedia.

information security

The protection of data against unauthorized access. Programs and data can be secured by issuing passwords and digital certificates to authorized users. However, passwords only validate that a correct number has been entered, not that it is the actual person. Digital certificates and biometric techniques (fingerprints, eyes, voice, etc.) provide a more secure method (see authentication). After a user has been authenticated, sensitive data can be encrypted to prevent eavesdropping (see cryptography).

Authorized Users Can Be the Most Dangerous
Although precautions can be taken to authenticate users, it is much more difficult to determine if an authorized employee is doing something malicious. Someone may have valid access to an account for updating, but determining whether phony numbers are being entered requires a great deal more processing. The bottom line is that effective security measures are always a balance between technology and personnel management. See Parkerian hexad, information assurance, security scan, security audit, audit trail, NCSC, ICSA, access control, share-level security, user-level security and social engineering.

Facial Recognition
Facial recognition is one of the best ways to authenticate a person. This TrueFace system from Miros uses neural network technology to distinguish a face with different appearances, such as with and without glasses and changing hair styles. (Image courtesy of Miros, Inc.)
References in periodicals archive ?
Due to the diversity of security topics, many novice instructors often have a hard time in teaching information security courses.
Today, public and private EU organizations gather data on information technology (IT) incidents and other data relevant to information security.
A pioneer in computer security and a co-founder and longtime board member of (ISC)2, Murray has made significant contributions to the literature and practice of information security and is a popular speaker on such topics as network security architecture, encryption, PKI and Secure Electronic Commerce.
As part of its information security professional education program, (ISC)2 offers over 350 CBK Review Seminars per year in eight languages and in over 40 countries.
Schmidt, an information security industry veteran and former cyber-security advisor to the White House.
ISC)2 developed the ISSAP credential to provide information security professionals with a mechanism to demonstrate their knowledge and skills in the more in-depth and concentrated requirements of information security architecture," said Ed Zeitler, executive director of (ISC)2.
Cybertrust SMP Enterprise Certification validates that Clarke American's information security controls, policies and procedures were examined, measured and validated against a stringent set of information security standards.
Beyond possessing extensive knowledge of the information security profession at the highest levels, we selected Mr.
The (ISC)2 CISSP CBK is a taxonomy of information security topics organized into 10 domains.
Our Security Promise is our utmost commitment to information security and maintaining confidentiality of our clients' data.
based information security professional who demonstrates innovation and leadership in ensuring effective security for an organization and who is expected to have a lasting impact on the field of information security.

Full browser ?