Things to know about Information and Data Security

Protection of Personal Information Act

Posted by LeRoux van Wyk on 2021-03-29 in POPI Data Security Best Practices

What is the difference between data and information?

Data is an individual unit that contains raw material which does not carry any specific meaning. Information is a group of data that collectively carries a logical meaning to humans.

Why is there a need for data and information security?

Data and personal information have become one of the most important commodities that a company can own. If properly used It allows us to manage our personal health, dietary habits and financial wellbeing far better than before. Mobile phones and wearable tech gives us insight into things that we previously took for granted. This is all considered Big Data.

Data security is a company's protective measures put in place to keep any unauthorized access out of their databases, websites, and computers. They implement data security solutions to protect against cyber-attacks that imperil company data, assets, finances and ultimately their reputation. 

As cyber hackers get smarter, the need to protect this digital asset and network devices is now even greater. While providing IT security can be expensive, a significant breach can cost an organization far more and the information that is exposed can jeopardize the well-being of all its customers.

What is the difference between data security and information security?

Although data security and information security may sound similar, they do differ fundamentally. Data security refers to the prevention of unauthorized access, use, disruption, modification or destruction of data in storage. Information security is the prevention of unauthorized access, use, disruption, modification or destruction of information.

 

The reason why there is a distinction between these two concepts is because data in itself can be useless if the origin or application is unknown whereas information contains processed data which is readable by anyone who accesses it.

 

How do I benefit from data and information security?

Security prevents threats and potential security breaches that can have a huge impact on your organization. When you enter your internal company network, IT security helps ensure only authorized users can access and make changes to sensitive information that resides there. IT security works to ensure the confidentiality of your organization’s data.

 

Threats to security can come in different forms. A common threat is malware, or malicious software, which may come in different variations to infect network devices, including ransomware, spyware and viruses. These threats make it very important to have reliable security practices in place.

 

What are some of the types of data and information security?


Network security - is used to prevent unauthorized or malicious users from getting inside your network. This ensures that usability, reliability, and integrity are uncompromised. This type of security is necessary to prevent a hacker from accessing data inside the network. It also prevents them from negatively affecting your users’ ability to access or use the network. Network security has become increasingly challenging as businesses increase the number of endpoints and migrate services to the public cloud.

 

Internet security -  involves the protection of information that is sent and received in browsers, as well as network security involving web-based applications. These protections are designed to monitor incoming internet traffic for malware as well as unwanted traffic. This protection may come in the form of firewalls, antimalware, and antispyware.

 

Endpoint security - provides protection at the device level. Devices that may be secured by endpoint security include cell phones, tablets, laptops, and desktop computers. Endpoint security will prevent your devices from accessing malicious networks that may be a threat to your organization. Advanced malware protection and device management software are examples of endpoint security.

 

Cloud security - Applications, data, and identities are moving to the cloud, meaning users are connecting directly to the Internet and are not protected by the traditional security stack. Cloud security can help secure the usage of software-as-a-service (SaaS) applications and the public cloud.  A cloud access security broker (CASB), secure Internet gateway (SIG), and cloud-based unified threat management (UTM) can be used for cloud security.

 

Application security - With application security, applications are specifically encoded at the time of their creation to be as secure as possible, to help ensure they are not vulnerable to attacks. This added layer of security involves evaluating the code of an app and identifying the vulnerabilities that may exist within the software.

Back
Share

You need to identify and manage the risks in your business

Let Us Help You