The 4 Fundamentals to IT Security
At a recent security event, VP of Gartner Neil MacDonald broke down the fundamentals of IT security into four categories, "Information security was never about device lockdown, or dictating applications, or building firewalls. It was always about protecting the confidentiality, the integrity, the authenticity, the availability of information." Here's a closer look at these four security qualities.
Data Confidentiality
One of the biggest roles of IT security is protecting sensitive information, especially concerning the data that needs to be kept confidential. In a company's IT network, sensitive data is exchanged between multiple parties like customers, employees, and even yourself. You will want to have strong protections in place to assure that only the people meant to see the information will be able to access it. For example, only your accounting department should be able to view your employees' bank account information. A breach in data confidentiality will put victims at risk of identity theft and make your business liable for damages.
Here are six examples from Cornell University of data that your business needs to keep confidential.
- Data used to uniquely identify people.
- Data used to pay or reimburse people.
- Data used to provide employment benefits.
- Data used to support business-related travel and lodging.
- Data used to understand the financial status of a person.
- Data used to fulfill obligations to the government.