Information Assurance

What Does Information Assurance Mean?

Information Assurance (IA) refers to the steps involved in protecting information systems, like computer systems and networks. There are commonly five terms associated with the definition of information assurance:

  • Integrity
  • Availability
  • Authentication
  • Confidentiality
  • Nonrepudiation

IA is a field in and of itself. It can be thought of as a specialty of Information Technology (IT), because an IA specialist must have a thorough understanding of IT and how information systems work and are interconnected. With all of the threats that are now common in the IT world, such as viruses, worms, phishing attacks, social engineering, identity theft and more, a focus on protection against these threats is required. IA is that focus.

Techopedia Explains Information Assurance

Essentially, Information Assurance is protecting information systems through maintaining these five qualities of the system.

Integrity involves making sure that an information system remains unscathed and that no one has tampered with it. IA takes steps to maintain integrity, such as having anti-virus software in place so that data will not be altered or destroyed, and having policies in place so that users know how to properly utilize their systems to minimize malicious code from entering them.

Availability is the facet of IA where information must be available for use by those that are allowed to access it. Protecting the availability can involve protecting against malicious code, hackers and any other threat that could block access to the information system.

Authentication involves ensuring that users are who they say they are. Methods used for authentication are user names, passwords, biometrics, tokens and other devices. Authentication is also used in other ways — not just for identifying users, but also for identifying devices and data messages.

IA involves keeping information confidential. This means that only those authorized to view information are allowed access to it. Information needs to be kept confidential. This is commonly found, for example, in the military, where information is classified or only people with certain clearance levels are allowed access to highly confidential information.

The final pillar is nonrepudiation. This means that someone cannot deny having completed an action because there will be proof that they did it.


Related Terms

Margaret Rouse
Technology Expert

Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.