information security


Also found in: Dictionary, Thesaurus, Medical, Legal, Financial, Acronyms, Wikipedia.

information security

The protection of data against unauthorized access. Programs and data can be secured by issuing passwords and digital certificates to authorized users. However, passwords only validate that a correct number has been entered, not that it is the actual person. Digital certificates and biometric techniques (fingerprints, eyes, voice, etc.) provide a more secure method (see authentication). After a user has been authenticated, sensitive data can be encrypted to prevent eavesdropping (see cryptography).

Authorized Users Can Be the Most Dangerous
Although precautions can be taken to authenticate users, it is much more difficult to determine if an authorized employee is doing something malicious. Someone may have valid access to an account for updating, but determining whether phony numbers are being entered requires a great deal more processing. The bottom line is that effective security measures are always a balance between technology and personnel management. See Parkerian hexad, information assurance, security scan, security audit, audit trail, NCSC, ICSA, access control, share-level security, user-level security and social engineering.


Facial Recognition
Facial recognition is one of the best ways to authenticate a person. This TrueFace system from Miros uses neural network technology to distinguish a face with different appearances, such as with and without glasses and changing hair styles. (Image courtesy of Miros, Inc.)
References in periodicals archive ?
Assistant to President - Secretary of Defense Council Kalmukhambet Kassymov at the session said that the information security influences economic, social, political aspects and becomes a key element of national security of the country.A special attention was paid to the problem of spreading false information aimed at distabilizing the situation.
Nelor has previously spent a decade at Societe Generale (SocGen) (SOGN.PA) (OTC: SCGLY) (GLE.FR), including most recently as chief information security officer for the Americas region.
In January 2018, Camelot received a new cycle of IS0-27001 information security management certification, which is inseparable from the Group's ongoing information security management system around the standard:
On this occasion, Shaikh Khalifa bin Ebrahim Al Khalifa, Chief Executive Officer of Bahrain Bourse, commented: Bahrain Bourse was keen to join the Information Security program 'Thiqa' (Trust) as part of its effective approach and commitment to the implementation of the international standards and best practices of information security.
"Information security is of importance to all of us, as more and more of our data is being accessed and utilized in ways that we may not even be aware of," said Renita Murimi, OBU associate professor of computer information science.
"We are constantly adapting to the rapidly transforming information security landscape of tomorrow and are ready to help your workforce do the same," said Sam Carter, while talking about the evolving information security landscape.
The staff responsible for information security should come together and all meetings should be on the record.
At the comprehensive training and testing facilities for cyber attacks that has been established within Omika Works (Hitachi City, Ibaraki Prefecture), Hitachi will leverage the experience and expertise that it has accumulated through its work in control systems for important infrastructures, along with the latest information technologies, to foster outstanding information security specialists both inside and outside of the Group.
However, in seeking help, credit unions must realize that the information security profession worldwide and domestically is growing in numbers, yet falling increasingly behind in meeting increasing market demand, according to the latest (ISC)2 Global Information Security Workforce Study, performed in partnership with Booz Allen Hamilton.
Landoll discusses contemporary information security policies, procedures, and standards from the point of view of a working IT professional.
We believe that technology alone is not enough to provide adequate information security and it needs personal awareness and responsibility which are considered the most important to any information security program.
Perhaps 2014 will become known as the annus horribilis for information security, where increasingly sophisticated cyber attacks started to inflict widespread financial, operational and reputational damage on firms across industry and geography.

Full browser ?