Why information security is important
When you ask a security professional to define security, he or she is likely to explain that it is the protection of data confidentiality, integrity, and availability. OK, but what does this mean to the SMB?
First, keeping your data secure helps maintain customer good will. Protecting their identities from theft and providing a general perception of your willingness to secure sensitive information about their credit cards or other financial information, while the media are full of stories about lost information, is a big plus.
Second, information security includes planning for business interruptions and how to quickly recover with minimal negative impact on finances or market share.
Third, maintaining the confidentiality of information which hones your competitive edge is critical. Intellectual property such as product/service development documentation and customer lists are examples of data types you need to keep safe.
Finally, there are regulatory requirements and industry standards. Failing to comply with these constraints can result in fines, loss of business, or litigation. In addition, failure to comply with the PCI DSS can result in payment card companies withdrawing your ability to accept credit cards in payment.
Now that we’ve seen why you should care about information security, let’s take another look at the CIA of security—confidentiality, integrity, and availability.