Security is the defense of digital information and IT assets against internal and external, malicious and accidental threats.
This defense includes detection, prevention and response to threats through the use of security policies, software tools and IT services.
Security is critical for enterprises and organizations of all sizes and in all industries.
Weak security can result in compromised systems or data, either by a malicious threat actor or an unintentional internal threat.
Not meeting security standards that are regulated by a separate organization or law, such as PCI DSS 3.0 or HIPAA compliance, can also result in financial penalties.
Physical security is the protection of personnel, hardware, software, networks and data from physical actions, intrusions and other events that could damage an organization.
This includes natural disasters, fire, theft and terrorism, among others.
Physical security for enterprises often includes employee access control to the office buildings as well as specific locations, such as data centers.
An example of a common physical security threat is an attacker gaining entry to an organization and using a USB storage drive to either copy and remove sensitive data or physically deliver malware directly to systems.
Threats to physical security may require less technical savvy on the part of the attacker, but physical security is just as important as information security.
Information security, also called infosec, encompasses a broad set of strategies for managing the process, tools and policies that aim to prevent, detect and respond to threats to both digital and nondigital information assets.
Infosec includes several specialized categories, including:
Application security - the protection of applications from threats that seek to manipulate application and access, steal, modify or delete data.
These protections use software, hardware and policies, and are sometimes called countermeasures.
Common countermeasures include application firewalls, encryption programs, patch management and biometric authentication systems.
Cloud security - the set of policies and technologies designed to protect data and infrastructure involved in a cloud computing environment.
The top concerns that cloud security looks to address are identity and access management, and data privacy.
Endpoint security - the part of network security that requires network devices nodes to meet certain security standards before they can connect to a secure network.
Nodes devices include PCs, laptops, smartphones and tablets.
Endpoint security also extends to equipment like point-of-sale (POS) terminals, bar code readers and IoT devices.
Internet security - the protection of software applications, web browsers and virtual private networks (VPNs) that use the internet.
Using techniques such as encryption and internet security aim to defend the transfer of data from attacks like malware and phishing as well as denial-of-service (DoS) attacks.
Mobile security - the protection of portable devices, such as smartphones, tablets and laptops.
Mobile security, also known as wireless security, secures the devices and the networks they connect to in order to prevent theft, data leakage and malware attacks.
Network security - the protection of a network infrastructure and the devices connected to it through technologies, policies and practices.
Network security defends against threats such as unauthorized access, and malicious use and modifications.