Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Information systems security, more commonly referred to as INFOSEC, refers to the processes and methodologies involved with keeping information confidential, available, and assuring its integrity.
It also refers to:
Information systems security does not just deal with computer information, but also protecting data and information in all of its forms, such as telephone conversations.
Risk assessments must be performed to determine what information poses the biggest risk. For example, one system may have the most important information on it and therefore will need more security measures to maintain security. Business continuity planning and disaster recovery planning are other facets of an information systems security professional. This professional will plan for what could happen if a major business disruption occurs, but still allow business to continue as usual.
The term is often used in the context of the U.S. Navy, who defines INFOSEC as:
COMPUSEC + COMSEC + TEMPEST = INFOSEC
Where COMPUSEC is computer systems security, COMSEC is communications security, and TEMPEST is compromising emanations.