It and information security

Abstract

Internet has come to stay in all activities of most of the people who carry out transactions such as reservation for journey, payment of bills, bank transactions, medical prescriptions and so on and so forth in their everyday life. Such activities involve handling of storage and retrieval of information. When computers became popular in public use, the devices were of standalone nature. Therefore there was no problem for individuals or organisations in ensuring the security of information stored in the computers. However, with the connectivity of computers with outside world through Internet the information held privately in computer became accessible to unknown persons who could play mischief by hacking, phising, etc. That is, information stored in computers fallen prey to unscrupulous and unauthorised persons for manipulations by them. Sometime ago, strangers entered the house of a owner of private company running the business of employment exchange at mid of night, opened his computer and attempted to steal the data of prospective candidates who had applied for job. On hearing the commotion the owner woke up and the thieves ran away. The number of such cyber crimes have increased recently thus putting at grave risk the business of corporations. Of late, there have been a large number of cases of abuse of computer information. In this modern age of widespread internet use for various business activities of an organization, it has unwittingly exposed the confidential information of these organizations to hackers and antisocial elements. This has endangered the security of information of the organizations to very high level of risks. Classified information at the hands of anti-social elements could jeopardize the security of the country too. Information Security (IS) is the most important aspect of IT and its risk management helps the organizations to identify and manage the potential risks associated with information and information technology in a cost-effective way.