Information security has three essential characteristics: availability, integrity and confidentiality. Availability means that the data is readily available and will not be unreadable due to problems such as hardware failure. Integrity means that the data has not been subjected to malicious tampering and unauthorized access throughout the transaction, guaranteeing that the data is as it should be. Confidentiality means that the data is encrypted, not subject to eavesdropping, and not accessible to unauthorized persons.
1. Data availability
Malware threats, ransomware viruses, worms, logic bombs and other power failures server failures, hardware failures, and hard drive corruption.
2. Data integrity
Malware threats, such as virus files such as Trojan horse files and application vulnerabilities.
3. Data confidentiality
Malware threats such as spyware, Trojan horses, keyloggers; loss of disks or other data storage devices resulting in unauthorized access; deliberate leakage of confidential data by insiders; social engineering attacks to extract important data, such as password information, through spoofing, and counterfeiting.
4. Data compliance
The law and regulatory agencies have precise requirements for the collection, storage, use and transmission of data, and failure to comply with the law and regulatory requirements for data can result in financial loss, reputational damage, etc. Therefore, there is a need to set standards for data security protection within the company, and employees need to be trained in security awareness in conjunction with such rules so that employees adhere strictly to them.