What is IT-Security?
IT-Security is not a product, it's a process. Don't think to buy a firewall which solves all your security problems! You always have to ensure good configuration and updates - this should be an integrated process. But you never will reach 100% of security, it's like a bank safe: you can make it difficult to crack, but there will always be somebody, who is able to break it with a lot of resources! Here are the most important components of IT-Security:
Authenticity
Authenticity is about the identity of a subject/object. This can be a user, a process, a system or an information. This is needed for Non Repudiation and Accountability.
Integrity
This means Data-Integrity, that data was not manipulated or destroyed in an unauthorized way and System-Integrity, that the system is available with the usual performance and was not manipulated with unauthorized access. Integrity is part of Authenticity.
Confidentiality
Information should not been seen by unauthorized persons, instances or processes. This means protection of personnel or business-critical data, privacy and anonymity.
Availability/Dependability
Refers to functionality of soft- and hardware ist not altered in any unauthorized way and about secured business continuity.
Non Repudiation/Accountability
Non Repudiation means, that actions of instances (users, processes, systems and information) can be associated with only that instance. Accountability refers to financial transactions and all communication issues.
Reliability
The usual functionality and behavior of data and systems is secured. This is needed for Integrity and Non Repudiation.