You are here: Home General Information Security

Information Security

Protection of information

 

Everyone carries the front door key to protect their home and takes good care of it. This is because we feel our home and what is in the home is worth protecting. A lockable door and its key is meant to protect our property as well as our privacy. However, this also means that we fear that someone can harm us if someone is able to enter the flat without authorisation by breaking down the door or if the key falls into the wrong hands. Losing the key is a risk and would jeopardise the protection of our property.

It's the same with information - here too there is some that should be particularly protected; in the private sphere, for example, the PIN to one's bank account or one's will. You want to protect these things from being seen or known by others. It is now the task of information security to adequately protect information. Four protection goals are targeted: Confidentiality, integrity, availability and authenticity. In the processing, storage and warehousing of information worthy of protection, information security now aims to ensure protection against dangers and threats. Both technical systems for digital data processing and analogue processes are considered, i.e. both computers and paper documents play a role. Possible threats can be very diverse: be it a hacker group trying to break into someone else's computer or the loss of a file folder in which sensitive documents are stored.

The protection goals mentioned above help to classify the need for protection as well as the risk potential of information and information-processing processes. In concrete terms, the vulnerability of the four protection goals can be described as follows:

  • Confidentiality: protect confidential information from unauthorised access or disclosure.
  • Integrity: protect the correctness of information and the functioning of systems.
  • Availability: protect authorised users from impeding access to information and systems.
  • Authenticity: be able to determine the origin of data.