Category Archives: Information Security fundamentals

What is information security?


Should all the information be top secret?

Probably the article “What is information security ?” should have been the first post on this blog. Information is a collection of meaningful data and we consider it as being a very important asset. Like any assets, it’s got a value for you (as the owner). The problem starts here. If it’s valuable to you, then it will probably be for a third party as well. Think for example of your list of clients and their purchases of products or services in relation with you. It surely has some value to your competition. If they can get hold of this information they might try to acquire some new business from you. That is why some protection needs to be in place. The CIA triad describes a fundamental security model with regards to the basic goals of information security. Continue reading

CIA triad

CIA-triad-information-securityI am going to talk, actually write, about the CIA triad. I am not going to discuss about some Chinese underground society in a joint venture with a three letter agency (secret service). CIA triad refers to an information security model made up of three principles: confidentiality, integrity, and availability.


Information needs to be secret to a non-intended and non-authorised party. It is perhaps the most common view towards information security. We usually refer to this aspect when we talk about security. You have to agree that having  confidential health records is absolutely taken for granted. Or your credit card details. Both have to be private to avoid unpleasant situations. Below, I managed to find (and it was really easy) Continue reading