Professional Documents
Culture Documents
net/publication/330778559
INFORMATION SECURITY
CITATION READS
1 3,658
2 authors:
All content following this page was uploaded by Yogesh P. Surwade on 01 February 2019.
“Knowledge Librarian” An International Peer Reviewed Bilingual E-Journal of Library and Information Science
Special Issue, January 2019 &# 2 3
were no application classification jobs for created a new operating system called UNIX.
computers or operating systems at this time, While the MULTICS system had planned security
because the primary threats to security were with multiple security levels, and passwords, the
physical theft of equipment, espionage against the UNIX system did not. In the late 1970s the
products of the systems, and sabotage. microprocessor brought in a new age of
computing capabilities and security threats as
The 1960s: During the 1960s, the Department of these microprocessors were networked.
Defense’s Advanced Research Procurement
Agency (ARPA) began examining the feasibility Definition of Information Security:
of a redundant networked communications system According to Merriam-Webster Dictionary,
designed to support the military’s need to security in general is the quality or state of being
exchange information. Larry Roberts, known as secure, that is, to be free from harm. According to
the Founder of the Internet, developed the project Oxford Students Dictionary Advanced, in a more
from its inception. operational sense, security is also taken steps to
ensure the security of the country, people, things
The 1970s and 80s: During the next decade, the of value, etc. Schneier (2003) consider that
ARPANET grew in popularity and use, and so did security is about preventing adverse consequences
its potential for misuse. In December of 1973, from the intentional and unwarranted actions of
Robert M. Metcalfe, indicated that there were others. Therefore, the objective of security is to
fundamental problems with ARPANET security. build protection against the enemies of those who
Individual remote users’ sites did not have would do damage, intentional or otherwise.
sufficient controls and safeguards to protect data According to Whitman and Mattord (2005),
against unauthorized remote users. There were no information security is the protection of
safety procedures for dial-up connections to the information and its critical elements, including the
ARPANET. User identification and authorization systems and hardware that use, store and transmit
to the system were nonexistent. Phone numbers that information. Information security is the
were widely distributed and openly publicized on collection of technologies, standards, policies and
the walls of rest rooms and phone booths, giving management practices that are applied to
hackers easy access to ARPANET. Much of the information to keep it secure.
focus for research on computer security centered
on a system called MULTICS (Multiplexed The information security performs four
Information and Computing Service). In mid- important functions for an organization which is
1969, not long after the restructuring of the enables the safe operation of application
MULTICS project, several of the key players implemented on the organization’s Information
“Knowledge Librarian” An International Peer Reviewed Bilingual E-Journal of Library and Information Science
Special Issue, January 2019 &# 2 50
Technology (IT) systems, protect the data the
organizations collects and use, safeguards the
technology assets in use at the organization and
lastly is protect the organization’s ability to
function. The information security also enables
the safe operation of application implemented on
the organization’s Information Technology (IT)
systems. This is because to protect the data, the
organization will applied or install the appropriate
software that will secure the data such as antivirus Figure
and others protected applications. So, information Classical CIA triad of Information Security
“Knowledge Librarian” An International Peer Reviewed Bilingual E-Journal of Library and Information Science
Special Issue, January 2019 &# 2 51
• Training personnel on proper procedures. • Use of certain firewall and router
Integrity: Integrity of data is protected when configurations.
the assurance of accuracy and reliability of
information and system is provided, and
unauthorized modification is prevented.
Threat Source:
• Viruses
• Logic Bombs
• Backdoors
Countermeasures: Figure
Modified and more realistic CIA triad of
• Strict Access Control
Information Security
• Intrusion Detection
IMPORTANCE OF INFORMATION SECURITY:
• Hashing
Information security (InfoSec) is the exercise of
Availability: Availability ensures reliability
protecting information while still providing access
and timely access to data and resources to
to those who need it. Learn about the three ethics
authorized individuals.
that are the foundation of good InfoSec. In the era
“Knowledge Librarian” An International Peer Reviewed Bilingual E-Journal of Library and Information Science
Special Issue, January 2019 &# 2 5
social media posts that we send to our friends or for personal purposes. For example,
family. We also want to keep certain things like employees use company email for some
our Internet passwords, credit card numbers, and individual communications, and some
banking information from getting into the employees may be allotted a blackberry or
erroneous hands. Information security is not just cell phone that they use for limited
about keeping secrets. Sometimes we just have personal use. Several people may not even
records, such as family photographs and videos or have a home computer and use their
other documents that we want to have access to at company issued laptop for everything
any time and that we don't want to be demolished including running personal software, like
or erased. their tax software. On the flip side, some
employees may bring a personal laptop
• To comply with regulatory requirements into the office and try to plug it in. The
and fiduciary responsibility. employees used organization asset that
• To improve efficiency purpose to access and kept organization
information for personal purposes. The
The information security is important in
hazard of this action is, the information
the society because it can protect the confidential
may be can access by other person from
information, enables the organization function,
external organizations.
also enables the safe operation of application
• INCONSISTENT ENFORCEMENT OF
implemented on the organization’s Information
POLICIES: Many companies either haven’t
Technology system, and information is a benefit
enforced their policies in the past, or have
for an organization.
done so inconsistently depending on the
position of the employee. The sources of
CHALLENGES OF THE INFORMATION
many issues when a security function tries
SECURITY: There are some challenges in our
to crack down of violators. Many
constantly changing environment that makes it
organizations have misjudged the
difficult to adequately protect our resources.
important of implement policies and
There are blending the corporate and personal
regulation about the information security.
live, inconsistent enforcement of policies, lack of
This makes many group writes the
awareness in information security, information
information policies but does not applied it
security threats etc.
• LACK OF AWARENESS IN INFORMATION
“Knowledge Librarian” An International Peer Reviewed Bilingual E-Journal of Library and Information Science
Special Issue, January 2019 &# 2 5
properly. They are lacking in awareness on Sometimes organizations do not take
vital of information security makes the seriously about hiring staffs based on their
information is easier to being attacks. qualification. This is because there are
Basically, employees keep the organizations that appointing employees for the
information, but they do not take proper information security manager but it is doesn’t
method in secure the information. This match with his qualification or skill that he have
may put the confidential information in about information security. So, it is difficult for
risk. that staff to keep the organizations data with
proper protection. This will makes other foes
• INFORMATION SECURITY THREATS: New
easier to attacks and stole the information if the
security fears are emerging every day from
employees don’t have skill or knowledge on how
malware programs that can be
to protect the confidential data. Even though the
inadvertently installed on a user’s
information is important in organization, there are
machine, to phishing attempts that deceive
numerous challenges to protect and manages the
employees into giving up confidential
information as well. One of challenges faced in an
information, to viruses, worms, and
organization is the lack of understanding on vital
strategic identity theft attempts.
of information security. When employees is lack
Sometimes threat assaults the information
of information security knowledge in term of
in organizations is difficult to handles. It is
keeping their information, the society is easy to
because the protection programs that
being attacks by hackers or another threats that try
mounted in the computer system to protect
to stole or get the organization confidential
the data are not properly function or not
information.
good enough. Difficulties in manage of
Information Security for Libraries: Today,
information security because of do not the
library surroundings are increasingly reliant on
suitable qualification in information
computer technology. Many libraries of all sizes
security.
have dropped use of card catalogs in favor of
electronic versions– and many of the electronic
versions previously accessible only via
workstations within library buildings are now
Web-accessible. Online searching of anexcess of
databases and other information sources has
become ubiquitous for the end user, rather than
being restricted to librarians trained in online
searching. Access to broad purpose
“Knowledge Librarian” An International Peer Reviewed Bilingual E-Journal of Library and Information Science
Special Issue, January 2019 &# 2 5
microcomputers and software, as well as to the of Information the giving or taking information
Internet, is offered in nearly all libraries of must be so much “secure” it means the required
significant size. Although some new texts on information is “authentic” “protective” “secure”
library security address aspects of information and and “much highly appreciated”. Information
computer security security is much needed in Libraries also because
Minimally, effective information security in the libraries also because the libraries are the
libraries should include: storehouses of “Information” and if the Libraries
• Staff assigned to information security are handling the “Security” process in giving or
tasks taking any information then the “Users” can be
• Training all personnel in information effectively use the proper information then the
security issues and procedures “Uses” can be effectively use the proper
• Specific policies dealing with information information for their purposive work and its result
privacy, physical security of equipment, will be evaluated in our libraries progress and
and computer security procedures developments. Information security is an ongoing
• Levels of access to data or equipment, and computer security. Information security is crucial
These points are proposed for all types of all staff in an organization to have knowledge and
special libraries and collections. They are security practice in an organization to protect the
intended for libraries of all sizes, with all types of confidential data. Information accessed without
patrons, backing models and organizational authorization is called a data breach. Data
another library, but the need for effective andKeserwani, Pankaj Kumar, “Information
Conclusion: As we see that today’s world Computer Science and Software Engineering,
is much dependent upon the “Information” and its Volume 4, Issue 1, January 2014, ISSN: 2277
“security” too. “Information security” is very 128X. Available online at: www.ijarcsse.com
“Knowledge Librarian” An International Peer Reviewed Bilingual E-Journal of Library and Information Science
Special Issue, January 2019 &# 2 53
2. Stamp, Mark (2011) Information Security: 10. http://www.staffs.ac.uk/support_depts/infoserv
Principles and Practice, Second Edition, New ices/rules_and_regulations/Infosecurimp.jsp
Jersey: John Wiley.
11. http://www.oecd.org/document/42/0,3343,en_2
3. Newsby, Gregary B., “Information Security in
649_201185_15582250_1_1_1_1,00.html
Libraries.” In Kisielnicki, Jerzy (Ed),Modern
Organizations in Virtual Communities. 12. Importance of Information Security In
Information Security in the Vulnerable 13. Information Security (2017) Wikipedia, the
Pharmaceutical Industry”. Journal of Free Encyclopaedia.
Information Security, 5, 147-153. http://en.wikipedia.org/wiki/Information_secur
http://dx.doi.org/10.4236/jis.2014.54014 ity
5. Sattarova Feruza Y. and Prof.Tao-hoon Kim,
“IT Security Review: Privacy, Protection,
Access Control, Assurance and System
Security”, International Journal of Multimedia
and Ubiquitous Engineering, Vol. 2, No. 2,
April, 2007
6. Shumann, Bruce A. (1999) “Library Security
and Safety Handbook”: Prevention, Policies,
and Procedures, Chicago: American Library
Association.
7. Qadir, S. and Quadri, S.M.K. (2016)
“Information Availability: An Insight into the
Most Important Attribute of Information
Security”, Journal of Information Security, 7,
185-194.
9. http://www.open.edu/openlearn/science-maths-
technology/computing-and-ict/introduction-
information-security/content-section-1
“Knowledge Librarian” An International Peer Reviewed Bilingual E-Journal of Library and Information Science
Special Issue, January 2019 &# 2 55