Information Systems Security

What Does Information Systems Security Mean?

Information systems security, more commonly referred to as INFOSEC, refers to the processes and methodologies involved with keeping information confidential, available, and assuring its integrity.

Advertisements

It also refers to:

  • Access controls, which prevent unauthorized personnel from entering or accessing a system.
  • Protecting information no matter where that information is, i.e. in transit (such as in an email) or in a storage area.
  • The detection and remediation of security breaches, as well as documenting those events.

Techopedia Explains Information Systems Security

Information systems security does not just deal with computer information, but also protecting data and information in all of its forms, such as telephone conversations.

Risk assessments must be performed to determine what information poses the biggest risk. For example, one system may have the most important information on it and therefore will need more security measures to maintain security. Business continuity planning and disaster recovery planning are other facets of an information systems security professional. This professional will plan for what could happen if a major business disruption occurs, but still allow business to continue as usual.

The term is often used in the context of the U.S. Navy, who defines INFOSEC as:

COMPUSEC + COMSEC + TEMPEST = INFOSEC

Where COMPUSEC is computer systems security, COMSEC is communications security, and TEMPEST is compromising emanations.

Advertisements

Related Terms

Margaret Rouse

Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.