SECURING INFORMATION SYSTEM
WHAT IS AN INFORMATION SYSTEM?
• An information system is a combination of hardware, software and
telecommunication networks that people build to collect, create and
distribute useful data, typically in an organization. It defines the flow of
information within the system. The objective of an information system is to
gather data, process it, and communicate the resulting information to the
users of the system.
COMPONENTS OF AN INFORMATION SYSTEM
There are five components:
• 1. Computer Hardware:
Physical equipment used for input, output, processing and storage. The
hardware structure depends on the type and size of the organization. It
consists of input and output devices, the processor, memory and storage media,
and computer peripheral devices.
• 2. Computer Software:
The system programs (such as the operating system) and application programs
used to control and coordinate the hardware components and to analyse and
process the data. Each program is a set of instructions for processing
information.
• 3. Databases:
Data are the raw, unorganized facts and figures that are later processed to
generate information. Software is used for organizing and serving data to the
user and for managing physical storage media and virtual resources. Just as
hardware cannot work without software, software needs data to process. Data
are managed using a database management system (DBMS), which provides
efficient access to the required data and manages knowledge bases.
• 4. Network:
• Network resources refer to telecommunication networks such as the intranet,
extranet and the internet.
• These resources facilitate the flow of information in the organization.
• Networks consist of both physical devices, such as network cards, routers,
switches, hubs and cables, and software, such as operating systems, web
servers, database servers and application servers.
• Telecommunications networks consist of computers, communications processors
and other devices interconnected by communications media and controlled by
software.
• Networks also include the communication media and the network support staff.
• 5. Human Resources:
The people required to run and manage the system. End users are the people who
use the information the system produces for their own purposes; the main
purpose of the information system is to benefit them. End users can be
accountants, engineers, salespersons, customers, clerks or managers. People
are also responsible for developing and operating information systems: systems
analysts, programmers, computer operators, and other IS and clerical
personnel.
Some common characteristics of information systems include the following:
• Data stored in electronic form
• Processing of all types of inputs, including visual, audio and video
• Capable of handling high volumes of data with minimal effort
Securing information systems
• Information systems security refers to the processes and methodologies
involved in keeping information confidential and available, and in assuring
its integrity.
• Protection from harm, including:
• Theft of information
• Alteration of information
Theft of information
• Information theft or data theft is the act of stealing digital information
stored on computers, servers or electronic devices to obtain confidential
information or compromise privacy.
• The data stolen can be anything from bank account information, online
passwords, passport numbers, driver's license numbers, social security numbers
and medical records to online subscriptions.
• Once an unauthorized person has access to personal or financial information,
they can copy, delete, alter or prevent access to it without the owner's
permission.
• If data thieves steal enough information, they can use it to gain access to
secure accounts, set up credit cards in the victim's name, or otherwise use the
victim's identity to benefit themselves.
How does data theft happen?
• Data theft or digital theft occurs through a variety of means. Some of the
most common include:
• Weak passwords:
Using a password that is easy to guess, or reusing the same password across
multiple accounts, lets attackers guess or replay credentials and gain access
to data. Poor password habits, such as writing passwords down on a piece of
paper or sharing them with others, can also lead to data theft.
• Database or server problems:
If a company storing your information runs a database or server that is
misconfigured, unpatched or needlessly exposed to the internet, an attacker who
exploits it can access customers' personal information.
• Compromised downloads:
An individual might download programs or data from compromised websites that
serve malware such as viruses or worms. This gives criminals unauthorized
access to the device, allowing them to steal data.
• System vulnerabilities:
Poorly written software applications, or network systems that are poorly
designed or implemented, create vulnerabilities that attackers can exploit to
steal data. Unpatched software and out-of-date antivirus signatures leave known
attacks undetected and exploitable.
Use secure passwords
• Passwords can be cracked by attackers, particularly if you don't use a strong
password. A strong password is at least 12 characters long and mixes upper-
and lower-case letters, numbers and symbols; a long passphrase of several
unrelated words is just as effective and easier to remember. The shorter and
less complex your password is, the easier it is for cybercriminals to crack,
especially offline once a leaked password database is in their hands.
• You should avoid choosing something obvious, such as sequential numbers
("1234"), keyboard patterns ("qwerty") or personal information that someone
who knows you might guess, such as your date of birth or a pet's name.
• Avoid using the same password for multiple accounts
If you reuse a password, a hacker who cracks or leaks it on one website can
log in to every other account that uses it (credential stuffing). Change a
password immediately whenever there is any sign it has been exposed; routine
rotation on a fixed schedule, such as every six months, is no longer
recommended by NIST SP 800-63B because it pushes users toward weaker,
predictable variations of the old password.
• Avoid writing down your passwords
Writing a password down anywhere leaves it susceptible to being found, whether
on a piece of paper, in an Excel spreadsheet or in the Notes app on your phone.
If you have too many passwords to remember, use a password manager, which also
generates a unique random password for each site.
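The password rules above, turned into a checker you can run against a candidate password. This is an added example, not code from the original slides: the 12-character and character-class rules come from the text, while the sequence list, the entropy estimate and the allowance for long passphrases with fewer character classes are this example's own assumptions. The sample passwords are constructed for the demo and are not real credentials.

```python
import math
import re
import string

# Ordered sequences that "1234"- or "qwerty"-style passwords are built from
# (assumed list; extend it for other keyboard layouts).
SEQUENCES = (string.digits, string.ascii_lowercase,
             "qwertyuiop", "asdfghjkl", "zxcvbnm")
CLASS_PATTERNS = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")

# Constructed sample inputs for the demo; none of these are real credentials.
SAMPLE_PASSWORDS = {
    "1234": False,                          # short, one class, sequential
    "Fluffy1990": False,                    # pet name + birth year, too short
    "Tr0ub4dor&3": False,                   # 11 characters: below the 12 rule
    "G7$kq!2vLp9#Xw": True,                 # 14 random characters, 4 classes
    "correct-horse-battery-staple": True,   # long passphrase, 2 classes
}


def has_sequential_run(password, length=4):
    """True if `length` consecutive characters of any known sequence appear
    in the password, forwards or backwards (case-insensitive)."""
    low = password.lower()
    for seq in SEQUENCES:
        for i in range(len(seq) - length + 1):
            chunk = seq[i:i + length]
            if chunk in low or chunk[::-1] in low:
                return True
    return False


def entropy_bits(password):
    """Upper-bound entropy: length * log2(size of the character pool used).
    Real passwords are far less random than this bound assumes."""
    pool = 0
    for pattern, size in zip(CLASS_PATTERNS, (26, 26, 10, 33)):
        if re.search(pattern, password):
            pool += size
    return len(password) * math.log2(pool) if pool else 0.0


def check_password(password, personal_info=(), used_elsewhere=()):
    """Apply the rules from the text. Returns (ok, problems, estimated_bits)."""
    problems = []
    if len(password) < 12:
        problems.append("shorter than 12 characters")
    classes = sum(bool(re.search(p, password)) for p in CLASS_PATTERNS)
    # Assumption beyond the text: a passphrase of 20+ characters is accepted
    # with fewer character classes, because length dominates the keyspace.
    if classes < 3 and len(password) < 20:
        problems.append("fewer than three character classes")
    if has_sequential_run(password):
        problems.append("contains a sequential or keyboard run")
    low = password.lower()
    if any(len(info) >= 3 and info.lower() in low for info in personal_info):
        problems.append("contains personal information")
    if password in used_elsewhere:
        problems.append("already used on another account")
    return (not problems, problems, entropy_bits(password))


def audit(passwords, personal_info=(), used_elsewhere=()):
    """Map each candidate password to True (accepted) or False (rejected)."""
    return {pw: check_password(pw, personal_info, used_elsewhere)[0]
            for pw in passwords}


if __name__ == "__main__":
    for pw in SAMPLE_PASSWORDS:
        ok, problems, bits = check_password(pw, personal_info=("Fluffy", "1990"))
        print(f"{pw!r:32} {'OK ' if ok else 'BAD'} {bits:5.1f} bits {problems}")
```

The `used_elsewhere` argument stands in for the reuse check a password manager performs for you: pass it the set of passwords already stored for other accounts and a repeat is rejected outright.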
Hacking
• Hacking is the act of compromising digital devices and networks through
unauthorized access to an account or computer system. Hacking is not always a
malicious act, but it is most commonly associated with illegal activity and
data theft by cyber criminals.
• In its malicious sense, hacking refers to the misuse of devices such as
computers, smartphones, tablets and networks to damage or corrupt systems,
gather information on users, steal data and documents, or disrupt
data-related activity.
Types of Hackers
• Black Hat Hackers
• Black hat hackers are the "bad guys" of the hacking scene.
• They go out of their way to discover vulnerabilities in computer systems and
software and exploit them for financial gain or for other malicious purposes,
such as building a reputation, carrying out corporate espionage, or taking
part in a nation-state hacking campaign.
• Their actions can inflict serious damage on both computer users and the
organizations they work for.
• They can steal sensitive personal information, compromise computer and
financial systems, and alter or take down websites and critical networks.
• White Hat Hackers
• White hat hackers can be seen as the "good guys" who attempt to prevent the
success of black hat hackers through proactive hacking. With the owner's
permission, they use their technical skills to break into systems to assess
and test the level of network security; this is also known as ethical hacking
or penetration testing.
• This helps expose vulnerabilities in systems before black hat hackers can
find and exploit them.
• Grey Hat Hackers
• Grey hat hackers sit somewhere between the good and the bad guys.
• Like black hat hackers, they may break rules or even the law, for example by
probing systems without permission, but without intending to do harm or to
gain financially.
• Their actions are typically carried out for the common good. For example,
they may exploit a vulnerability to raise awareness that it exists, but unlike
white hat hackers, who report it privately to the owner, they may do so
publicly. This alerts malicious actors to the existence of the vulnerability
before it has been fixed.
Cyber attack
• A cyber attack is a malicious and deliberate attempt by an individual or
organization to breach the information system of another individual or
organization. Usually, the attacker seeks some type of benefit from disrupting
the victim's network.
Most Common Cyber Attacks
Malware
• Malware is a term used to describe malicious software, including spyware,
ransomware, viruses and worms. Malware typically enters a network through a
vulnerability or through user action, such as clicking a dangerous link or
opening an email attachment that installs the software.
Malware can do the following:
• Block access to key components of the network, or encrypt data until a
ransom is paid (ransomware)
• Install additional harmful software
• Covertly obtain information by transmitting data from the hard drive
(spyware)
• Disrupt certain components and render the system inoperable
Phishing
• Phishing is the practice of sending fraudulent communications that appear to
come from a reputable source, usually through email. The goal is to steal
sensitive data such as credit card and login information, or to install
malware on the victim's machine. Typical signs are a sender address whose
domain does not match the organization it claims to be, and links whose
visible text differs from the address they actually point to. Phishing is an
increasingly common cyber threat.
Denial-of-service attack
• A denial-of-service attack floods systems, servers or networks with traffic
to exhaust resources and bandwidth. As a result, the system is unable to
fulfil legitimate requests. Attackers can also use multiple compromised
devices to launch this attack; this is known as a distributed denial-of-service
(DDoS) attack.
SQL injection
• A Structured Query Language (SQL) injection occurs when an application builds
a database query by pasting untrusted input into the SQL text, so an attacker
can supply input that changes the meaning of the query and forces the server
to reveal, modify or delete data it normally would not. An attacker could carry
out a SQL injection simply by submitting crafted input into a vulnerable
website search box or login form. The standard defence is to use parameterized
(prepared) statements, so that input is always treated as data and never as
SQL.
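The search-box case from the text, as an added example that is not part of the original slides: a query that pastes the search term into the SQL beside its parameterized counterpart, run against a constructed in-memory SQLite table of fake users. The two payloads are standard textbook injection strings; the table, column names and user records are this example's own.

```python
import sqlite3


def build_demo_db():
    """Constructed in-memory database with fake users (sample data, not real)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (username, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")])
    conn.commit()
    return conn


def search_vulnerable(conn, term):
    """The pattern the text warns about: user input pasted into the SQL text."""
    sql = "SELECT username FROM users WHERE username = '" + term + "'"
    return [row[0] for row in conn.execute(sql)]


def search_safe(conn, term):
    """Parameterized form: the driver binds `term` as a value, so quotes
    inside it are ordinary characters and never SQL syntax."""
    rows = conn.execute("SELECT username FROM users WHERE username = ?", (term,))
    return [row[0] for row in rows]


# Two classic payloads. The first turns the WHERE clause into a tautology so
# every row matches; the second uses UNION to pull a column the search box was
# never meant to expose, and "--" comments out the application's closing quote.
TAUTOLOGY = "x' OR '1'='1"
UNION_EXFIL = "x' UNION SELECT role FROM users --"


def demo():
    """Run both search functions with a normal term and with each payload."""
    conn = build_demo_db()
    return {
        "normal_vuln": search_vulnerable(conn, "bob"),
        "normal_safe": search_safe(conn, "bob"),
        "tautology_vuln": sorted(search_vulnerable(conn, TAUTOLOGY)),
        "tautology_safe": search_safe(conn, TAUTOLOGY),
        "union_vuln": sorted(search_vulnerable(conn, UNION_EXFIL)),
        "union_safe": search_safe(conn, UNION_EXFIL),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name:15} -> {rows}")
```

With a normal term both functions return the same row. With the payloads the concatenated version leaks every username and then the `role` column, while the parameterized version simply finds no user whose name is the literal payload string. Input filtering is not a substitute: the binding is what keeps data and code apart.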
Zero-day exploit
• A zero-day exploit targets a vulnerability that the software vendor does not
yet know about, or has known about for "zero days", so no patch exists when the
attack begins. Once the vulnerability is disclosed, the gap until every
affected system is patched is a second danger window in which attackers keep
targeting it. Defending against zero-days therefore cannot rely on patching
alone and requires constant awareness: monitoring for unusual behaviour,
least-privilege configuration to limit what an exploit can reach, and rapid
patching as soon as a fix is released.
Principles of Information System Security
What are the three information system security principles?
• Confidentiality, integrity and availability are the three core concepts of
information security. Every control in an information security program should
serve at least one of these principles, and most serve more than one. The CIA
Triad is their collective name.
• Confidentiality
Confidentiality safeguards are in place to prevent unauthorized disclosure of
information. The goal of the confidentiality principle is to keep sensitive
information private and make it available only to those who own it or need it
to accomplish their organizational tasks; access controls, encryption and data
classification are the usual mechanisms.
• Integrity
Integrity is protection against unwanted data modifications (additions,
deletions, revisions and so on). The integrity principle assures that data is
correct and dependable and that it is not tampered with in any way, whether by
mistake or deliberately; checksums, message authentication codes and digital
signatures let a receiver detect such tampering.
• Availability
Availability is the capacity of a system to keep its services and data fully
accessible whenever a user requires them. The goal of availability is to keep
technological infrastructure, applications and data usable when they are
required for a business process or by a company's customers; redundancy,
backups and protection against denial-of-service attacks support it.
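The integrity principle above, as an added example that is not part of the original slides: a stored record protected first by a plain SHA-256 checksum and then by a keyed HMAC-SHA256 tag, with an attacker who edits the record. The record, the separator format and the fixed demo key are this example's own assumptions; a real key would come from a secrets store, never from source code.

```python
import hashlib
import hmac

# Constructed demo inputs. The key is fixed here only so the example runs
# offline; in a real system it comes from a secrets store, never source code.
DEMO_KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")
RECORD = b"account=1234;balance=100.00"
SEP = b"|"  # assumed format: the record never contains "|", and a hex tag cannot


def protect_with_hash(record):
    """Unkeyed checksum: detects accidental corruption only."""
    return record + SEP + hashlib.sha256(record).hexdigest().encode()


def verify_with_hash(stored):
    """Return (ok, record) for a checksum-protected record."""
    record, _, tag = stored.rpartition(SEP)
    expected = hashlib.sha256(record).hexdigest().encode()
    return hmac.compare_digest(expected, tag), record


def protect_with_mac(record, key):
    """Keyed tag (HMAC-SHA256): detects deliberate tampering by anyone
    who does not hold the key."""
    return record + SEP + hmac.new(key, record, hashlib.sha256).hexdigest().encode()


def verify_with_mac(stored, key):
    """Return (ok, record) for an HMAC-protected record."""
    record, _, tag = stored.rpartition(SEP)
    expected = hmac.new(key, record, hashlib.sha256).hexdigest().encode()
    # compare_digest runs in constant time, so a wrong tag cannot be
    # refined byte by byte from timing differences.
    return hmac.compare_digest(expected, tag), record


def attacker_edit(stored, recompute_hash):
    """Change the balance; optionally recompute the unkeyed checksum to
    cover the edit. The attacker has no key, so a MAC cannot be recomputed."""
    record, _, tag = stored.rpartition(SEP)
    forged = record.replace(b"balance=100.00", b"balance=999.00")
    if recompute_hash:
        return protect_with_hash(forged)
    return forged + SEP + tag


def demo():
    """Compare what each scheme detects; every value is a verification result."""
    hashed = protect_with_hash(RECORD)
    maced = protect_with_mac(RECORD, DEMO_KEY)
    return {
        "hash_untouched": verify_with_hash(hashed)[0],
        "hash_edited_naively": verify_with_hash(attacker_edit(hashed, False))[0],
        "hash_edited_recomputed": verify_with_hash(attacker_edit(hashed, True))[0],
        "mac_untouched": verify_with_mac(maced, DEMO_KEY)[0],
        "mac_edited": verify_with_mac(attacker_edit(maced, False), DEMO_KEY)[0],
        "mac_wrong_key": verify_with_mac(maced, b"\x00" * 16)[0],
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:24} verified={ok}")
```

The checksum catches a careless edit but is defeated by an attacker who simply recomputes it; only the keyed tag turns "was this changed?" into "was this changed by someone without the key?", which is what the integrity principle demands against a deliberate adversary. A digital signature gives the same guarantee when the verifier must not hold the signing key.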

SECURING INFORMATION SYSTEM 1.pptx
