"Information security" "Data security" sounds synonymous to most of us and both of them prevent unauthorized access, use, disclosure, modification, and inspection of information. Personal data, also known as personal information, personally identifying information(PII), or sensitive personal information(SPI),is any information relating to identifying a person.
There is a subtle difference between data and information. Data are the facts or details from which information is derived. Individual pieces of data are rarely useful alone. For data to become information, data needs to be put into context.
In simple words, For any individual, his/her name, address, bank account details etc., are his/her personal data. when you use this personal data to get meaningful information i.e Raj got 80 % in 10th std exam is an information about Raj.
| Data | Information |
|
Data is raw, unorganized facts that need to be processed. Data can be something simple and seemingly random and useless until it is organized |
When data is processed, organized, structured or presented in a given context so as to make it useful, it is called information. |
|
Each student's exam score is one piece of data. |
The average score of a class or of the entire school is information that can be derived from the given data. |
Examples of Data and Information
- The temperature readings of a sick person for two days is data. If this data is organized and analyzed to find that the patient is effected with particular disease, then that is information.
- The number of visitors to a website is an example of data. Finding out how many people accessing website from a particular region is meaningful information.
Most of us think that "information security"is guaranteed,data security is guaranteed too.
and can be exploited by individuals. For instance, data can be altered and be used to create fake profiles/ documents.
Information Security is not all about securing information from unauthorized access. Information Security is basically the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. Information Security programs are build around 3 objectives, commonly known as CIA Confidentiality, Integrity, Availability.
Data/Information Protection tips for individuals
Individuals could also fall prey to malicious cyber-attacks like phishing emails, social engineering, and social media threats. A single click on a link sent by a cyber-criminal could lead to loss of sensitive data or identity theft. Here are a few ways to stay secure your data a7 be cyber safe:
Avoid Unknown Links: Never click on unknown links, even if the email sender or website does not look suspicious to you.
Create Different Passwords: Use strong and different passwords on your accounts. It is a common practice to use the same password on various accounts, making it easy for a cyber-criminal to gain access to not just one account, but all your accounts.
Don't Share or Store PII: Never store your personal information in your email account or share PII via email, messages, or online applications.
Read the Fine Print: Always read the fine print before giving out personal information to any website, especially while making online purchases.
Avoid Unnecessary Access: Avoid Remote access given to various applications on your mobile phone before installing it onto your device.
Online Precautions: Limit sharing any personal information on social networking platforms, including your location and email addresses.
Data / Information Protection Tips for organizations:
With new threats emerging it is time for organizations including all employees to adopt certain measures to protect personally identifiable information (PII).
Update Your Systems and Software: Stay up to date with the latest operating system and additional software updates.
Encryption: Encrypt confidential information shared by employees, partners, and customers.
Password Creation: Enforce strong password usage, with a regular change in passwords every few months.
No External Connections: Avoid using USBs and other external devices on your office system, which can implement the transfer of data from one device to the other. This also includes using USB portals to charge mobile phones and other electronic devices.
Data Backup and Recovery: Consult your information security executives to ensure that you have a strong data backup and recovery procedure that is constantly updated.
Resource:
https://blogs.upm.es/sse/2016/11/01/privacy-vs-data-protection-vs-information-security/
