Information security is the preservation of the confidentiality, integrity and availability of information, where
-
Confidentiality refers to the property that information is not made available or disclosed to unauthorised persons, entities or processes,
-
integrity refers to the property that information is accurate and complete, and
-
availability refers to the property that the information is accessible and usable by an authorised body when needed.
It should be distinguished from data protection, which focuses only on the protection of personal data, and IT security, which focuses only on the protection of IT systems. Information security refers to digital and analogue information, regardless of whether it is personal data or only business-related data. It covers a wider area than data protection and IT security. These two disciplines can be considered as part of information security.