Data security is a complex issue that involves multiple components, such as the application, servers, network infrastructure and end users.
Data security is a key priority for organizations as they increasingly depend on information to make decisions and generate revenue. Data loss can be highly damaging to an organization's reputation, brand and bottom line.
Data security is the protection of data from unauthorized access or modification. Data security includes hardware, software and processes that protect against accidental or malicious destruction, loss or alteration of stored data.
Data security includes:
Physical Security: Physical security refers to the physical protection of the IT infrastructure. This includes the protection of your building's perimeter and physical access control systems such as badges or keys.
Network Security: Network security refers to protecting your internal networks from unauthorized access by outsiders or hackers. This can include firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS).
Application Security: Application security refers to protecting applications from abuse by insiders or hackers who may gain access through other means than just normal use of an application. For example, if an attacker can obtain administrator-level privileges on a server through social engineering techniques such as phishing emails then they could install malware on those servers which could then be used to attack.