What is Information Security Management?

blog confidentiality integrity authenticity availability data-minimization
Deutsch

Information Security

The main task of information security management is to protect the basic values:

  • confidentiality,
  • integrity (authenticity and non-repudiation) and
  • availability

of information.

The basic pillars of information security
The basic pillars of information security

This includes not only securing traditional IT but also all systems, such as IoT systems, industrial control systems and overall all systems and processes in which information is processed, retrieved or stored.

Data protection

In the context of data protection, the following are then usually also considered.

  • Data minimization,
  • Intervenability (enabling data subjects’ rights to be carried out at any time, for example, the execution of deletion requests),
  • transparency and
  • so called non-chaining (as a safeguard for purpose limitation)

are required.

Purpose limitation here means that personal data may only be used for the purpose for which it was collected. If the purpose has been fulfilled and the data is then no longer required, it must be deleted.