A comprehensive definition of Information Security is: ‘Information security is a set of strategies for managing the processes, tools and policies necessary to prevent, detect, document and counter threats to digital and non-digital information’. (Rouse, 2016)

One needs to establish a set of business processes that ensures the safety of the information assets. It does not matter how information is being formatted, whether it is in transition phase or is stored at a single place. The responsibility includes every kind of information that is related to you or your company and its relations. Information Security or Infosec programs are based on CIA triad objectives: maintaining the confidentiality, integrity and availability of IT systems and business data. (Rouse, 2016) [Read more…]