Page 42 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY
P. 42
Information Security and Privacy
Notes 3.4.2 Integrity
The second pillar is known as integrity of the information. This is related with the eminence and
dependability of information; like management can be guaranteed that the information on
which decisions are relied has not been tailored dishonestly or else when the data is transferred,
captured and accumulated. One method of offering integrity is to link a particular indicator or
message digest at the end of the message that is going to be sent. If this digest remains undamaged
during transit then the integrity has been conserved. Integrity signifies that an asset or information
can only be tailored by authorized parties or only in authorized manners.
3.4.3 Availability
The third pillar is the availability of the information. When systems or data are unavailable,
opportunities may be vanished, deadlines missed or commitments evaded. Work progress
could be weakened if the information is not available when it is needed. Even if the information
is precisely what is required to fulfill business requirements, if it is not available when required
to accomplish a task, it turns out to be useless.
Confidentiality, integrity and availability are broadly acknowledged as the three vital pillars of
information security. Without sufficient safety in place to avert illegal activities, an organization’s
most significant asset, namely its information, is at risk. Thus, it is significant that this asset be
secluded and secured by means of these three pillars. There, are additional support structures of
information security that could be used in combination with the three main pillars to balance
them, namely; identification and authentication, access control/authentication and non-denial.
Notes Information security is tremendously significant to the well-being of any
organization and, therefore, it is necessary to guarantee the pillars of confidentiality,
integrity and availability. There are, however, many troubles or false opinions encountered
when making sure that information security is a part of an organization.
Self Assessment
Fill in the blanks:
12. ....................... means that sensitive information must be prohibited from being revealed to
illegal parties.
13. ....................... signifies that an asset or information can only be tailored by authorized
parties or only in authorized manners.
3.5 Information Classification
We can categorize the information on the basis of the purpose for which the information is
utilized. Broadly, we can categories information as following:
1. Strategic Information: Strategic information is the information needed for long range
and strategic decisions. Strategic decisions are taken by the top management people.
Strategic information is required for planning and policy formulation of the business.
Strategic information includes information concerned with new technologies, market
availability, raw-material costs, new product developments, manpower planning and
competitors, etc.
36 LOVELY PROFESSIONAL UNIVERSITY
