With the development of technology and information in different ways, as well as the data exchange tools known as data transfer from one place to another over the network, the security of these data and information has become a very important issue to prevent large losses at all levels.
Definition of Information Security
Information security can be defined as the science that works to protect information from internal or external risks by providing the necessary tools.
The Importance of Information Security
Undoubtedly, the field of information security is very important because it protects information from threats around it, and provides protection and security against malware, the greatest enemy of computers. Since the field of information security is indispensable, it is a vital, renewable and very necessary field. This field is common in Western universities, it is also taught in some Arab universities, and professional certificates such as (CISSP / Certified Information Systems Security Professional) and (CEH / Certified Ethical Hacker) certificates are issued.
The importance of information security is evident in the set of principles and foundations that this field is committed to providing, which can be clarified as the followings:
Privacy: The privacy policy means that no information can be disclosed to any unauthorized person by preventing anyone from accessing another person's device's systems and accessing their private files.
Integration: It means preserving complete data in its original form, without allowing any person to tamper with it by deleting or modifying it, whether intentionally or unintentionally.
Availability: It means that you can access data easily and quickly when needed, and not allow any individual or entity to suddenly interrupt the service.
Authentication: This means that when a conversation is held, each party guarantees that it is speaking with the intended person, without any third party accessing that conversation.
Non-Repudiation: It means not being able to deny or deny the messages you sent, and it is largely related to authentication, i.e. the credibility of identifying both the sender and the addressee.
Access Control: It means ensuring that your message, including data or information, is completely confidential to the recipient, without allowing any other party to spy and reveal that message before receiving it.
Information Security Threateners
There are many things that threaten information security, including:
Viruses: These are programs specially designed to penetrate different devices, steal or destroy their data. These programs can access devices via email, materials downloaded from unsafe sources, or pirated disks.
Attacking Information Sent: This occurs while sending information via the Internet or mobile phones, with the aim of stealing or misrepresenting that information before it reaches the intended destination.
Full Control: It means the hacker has full control of the user's device and all the data and files in it. In this way, the hacker can completely monitor the owner of the device.
Misinformation: It means that the hacker gets the name of a person known or trusted by the targeted person in order to see the information that he or she has no right to see.