In general terms, providing security means “freedom from risk and danger”. In the context of information security, it is securing against:
- Access to information by unauthorized persons
- Modification to information by unauthorized persons
- Destruction of information by unauthorized persons
This means basically, any type of access to information needs to be protected. Whether the access is physical such as accessing CPUs, hard disks, or logical, as in accessing the system directly or remotely, access needs to be restricted and thus, information needs to be protected.
Access control is considered the most important ...