Network security became a prominent information technology issue in the late 1990s and early 2000s, and has remained so ever since. Many businesses, however, still overlook this critical part of their information technology program. The result is billions of dollars in loss and damage in the United States alone every year. There are far more risks out there than just hackers. Information security is really about business continuity in the case of a malicious attack, user error, system failure or natural disaster.
One of the three main tenets of information security, confidentiality means keeping your proprietary data from falling into the wrong hands. A leak of confidential company data, whether accidental or via theft, can cause huge losses for any company, and in some cases has driven companies out of business altogether. A good information security program will safeguard against breach of confidentiality by at the very least encrypting confidential data, establishing user permissions so that only those users with need to access confidential data have the ability, and setting up good perimeter security to keep unauthorised users from accessing the system.
Another tenet of information security, data integrity means that you are sure your critical data remains intact and has not been tampered with. As you can imagine, operating on data which has been altered even the slightest amount can cause catastrophic failures and loss. To insure data integrity, your information security program should include tools to track changes to critical files, so you know exactly when a file was accessed, what changes were made, and which user made the changes.
The last of the three major tenets of information security, data availability is exactly that: making sure your data is available and accessible by those who need it. For some businesses, system downtime can mean losses of over a million dollars per minute. And downtime is rarely a result of hackers, though attacks are certainly the most publicised reason for system outages. Natural disasters such as fires and floods, users accidentally introducing malware from home computers, and power outages are far more common causes of system downtime. Data backups and emergency generators are the most crucial elements of a plan to insure system downtime and loss of availability are kept to an absolute minimum.