Informtion Security

= What is information security? =

Information security is a set of practices intended to keep data secure from unauthorized access or alterations. (Josh Fruhlinger 2020)
Risk

1.Malware Infection

Software attacks on information security include viruses, malware, worms, ransomware like WannaCry or trojan horses. (Abi Tyas Tunggal 2021)

2.Phishing

Phishing emails or websites are often aimed at stealing intellectual property or log in credentials to gain unauthorized access. (Abi Tyas Tunggal 2021)

3.Code Injection

Hackers are sometimes able to exploit vulnerabilities in applications to insert malicious code. Often the vulnerability is found in a text input field for users, such as for a username, where an SQL statement is entered, which runs on the database, in what is known as an SQL Injection attack. Other kinds of code injection attacks include shell injection, operating system command attacks, script injection, and dynamic evaluation attacks.(Melanie Purkis 2018)

How to protect information security?

For manager

1. Establish a database for data backup and recovery.

2. Setup a website firewall.

3. Regularly evaluate the information system, find and prevent risks, protect information assets, and ensure the continuous and effective operation of the business system.

4. Establish secure email system and security audit and log management system.

5. Regularly provide customers with security system notifications by e-mail or other means, including real-time security vulnerability alerts, security upgrade notifications and supplier security notifications, and explain the security of each notification.

For user

Create and use strong passwords

That means at least 12 characters. Making a password longer is generally the easiest way to increase its strength. Consider using a passphrase of random words so that your password is more memorable, but avoid using common words or phrases. For more tips, check out this Password Checklist.(FEDERAL TRADE COMMISSION ND)

Reference:

= Abi Tyas Tunggal 2021, What is Information Security?, viewed 14 June 2021, < https://www.upguard.com/blog/information-security > = FEDERAL TRADE COMMISSION ND, Protect Your Personal Information and Data, viewed 14 June 2021, < https://www.consumer.ftc.gov/articles/protect-your-personal-information-and-data >

= Josh Fruhlinger 2020, What is information security? Definition, principles, and jobs, viewed 11 June 2021, < https://www.csoonline.com/article/3513899/what-is-information-security-definition-principles-and-jobs.html > =

= Melanie Purkis 2018, Top 5 Most Common Security Issues and How to Fix Them, view viewed 14 June 2021, < https://www.liquidweb.com/blog/five-common-web-security-problems/#:~:text=%20Top%205%20Most%20Common%20Security%20Issues%20and,aware%20on%20some%20level%20of%20the...%20More%20 > =