Hello Techies,
This is my first blog post. I am starting this blog with the purpose "The Information Security".
As the name suggests, information security is about protecting information and keeping it secure. It sounds very simple, but the InfoSec domain is as vast as Information Technology.
We will first understand what information is and why to secure it. I would like to share a funny experience from when my first interviewer asked me this question.
"What do you mean by information, and what measures will you take to secure it from someone?"
Being a noob in the information security field, I just answered, "Ohh, if I have some secret information then I will keep it inside a locker and will not share it with anybody."
Then he said okay, by this you will achieve confidentiality, but what if you need that information and your locker is at home?
Then I answered, "Umm, okay, I will scramble that data and keep it with me." He said, "Okay, what if you have many pieces of information and you forget the scrambling pattern of the respective piece of information?" You will lose the integrity of your information.
At last he said, "If your confidential information loses its integrity and it will not be available when you need it, then your purpose of securing information totally fails."
I was speechless; I just nodded and said, "Yeah, true."
Guys, this incident taught me the first lesson of information security of my life: the 3 pillars of InfoSec, the C.I.A. triad (Confidentiality, Integrity and Availability).
If you want to protect data, you must be confident that you are keeping the information secure from unintended and unauthorized persons; that is Confidentiality.
Whenever you need the information, it must be in its original form, not altered by an unauthorized person; that is Integrity.
And whenever there is a need, your information must be available; that is Availability.
For simplicity, take a look at the image below.
The triad looks simple, but the whole of information security is based on it. Below is an example of the disaster that follows when the CIA triad gets compromised.
- Sony's PlayStation Accounts Hacked
- Date: April 20, 2011
- Impact: 77 million PlayStation Network accounts hacked; Sony is said to have lost millions while the site was down for a month.
That's it for now, guys. I hope you have understood the importance of information security. In the next write-ups I will share real-life hacks and their impacts. Stay tuned....
Good post
Thanks Sayali :)
Thank you Ninad.
This is helpful
prats : That was as simple as it could be. Very well explained.