Introduction to Information Security and Big Data
Subject: Information and Big Data Security (CYB 304)
Information Security (often called InfoSec) is the practice of protecting information and data from unauthorized access, theft, damage, or loss. It ensures that information is safe whether it is stored on a computer, sent through the internet, or written on paper.
In simple terms, information security means keeping important information:
-
Private from unauthorized people,
-
Correct and trustworthy, and
-
Available when needed.
For example:
- A student’s school portal password should not be known by strangers.
- Bank account details should not be stolen by hackers.
- Hospital patient records should remain confidential.
- Examination results should not be altered illegally.
The Three Main Goals of Information Security (CIA Triad)
a. Confidentiality: confidentiality means that only authorized people can access information. For example, your ATM PIN is confidential and WhatsApp chats are private. If someone hacks into your email and reads your messages, confidentiality has been broken.
b. Integrity: integrity means information remains accurate and unchanged unless authorized. For example, your exam score in the school database should not be changed by another student. And your bank balances should remain correct. If a hacker changes a student’s result from 65 to 95, integrity has been violated.
c. Availability: availability means information and systems are accessible when needed. For example, ATM services should work when customers need money AND School portals should be available during course registration. If a server crashes during registration, availability is affected.
Common Threats to Information Security
1. Malware: malicious software such as viruses, worms, and ransomware. Example, a virus from a flash drive damaging computer files.
2. Phishing: fake emails or messages used to steal passwords or banking information. Example,
a fake bank message asking you to “verify your account.”
3. Hacking: Unauthorized access to computer systems. Someone breaking into a school database to change grades.
4. Insider Threat: a trusted person misusing access privileges. Example, A staff member leaking students’ records.
5. Weak Passwords: easy passwords make systems vulnerable. Example is using “123456” as a password.
Ways to Protect Information
1. Strong Passwords: use combinations of letters, numbers, and symbols.
Example:
Weak: password123
Strong: B3n!2026#Secure
2. Antivirus Software: protects systems from malware.
3. Backup: keeping copies of important files. Example, saving project files to cloud storage or external drives.
4. Encryption: converting information into unreadable form unless a key is used. Example is WhatsApp end-to-end encryption. And Password hashing and storage in DB
5. User Education: teaching people safe internet behavior. Avoiding suspicious links.
By:
Vision University
Login to comment or ask question on this topic