People who are using internet connection and computers have needed to secure their information. Information security is basically the practice of preventing unauthorized access to the inspection and modification of the data, which may be in physical or electronic form. The system is built around the three main aspects which are commonly known as CIA:

Confidentiality: refers to the information which is not disclosed to the unauthorized individual or the business entities. These are the agreements that provide confidentiality of saving the data in a way that information could not steal by the others. 

Integrity: refers to the terms which explain that make sure that information and the collected figures could only be changed by a competent authority in a prescribed manner.

Availability: is to make sure that access is only available to the authorized person.

These aspects elaborate on the meaning of information security as complete terms.  As concerned with the definition of physical security, it is the protection of the personnel, hardware, and software from the physical stealing of the data or information, which may result in serious loss and damage to the individual or business entities. Physical security means security from burglary, theft, and terrorism of the files which are kept in security. Physical security is most likely conducted in the department where the data or information is kept mostly in hard form. While using internet, user mostly thought that data could only steal in soft form by hacking and malware systems, but it is considered that physical security is also necessary as well. Physical security also covers three main elements, such as access control, surveillance and testing the data. Obstacles in the place to save the data from risk in resolving the issues may differ in nature. Physical allocations of the resources should be checked by the surveillance cameras as it is available in best quality in the market. There may be use of the warning alarms, which could detect the data theft by the unauthorized person.

Physical security is very important, but in some organizations it is ignored, and preference is given information security. If you want that no one could steal your information and used it for their personal purpose you should make the possibilities to save the data from physical theft. Any organization that is dealing with information security must be well-aware with physical security of the data. There may be attack on data with natural attacks which are not in the hand of human and others are the factors which are in the hand of human such as save from theft or terrorism. All these factors are collectively known as security threats. Physical security helps to save the companies to save their assets that make the business run in the security personnel with efficiency. The basic purpose of the information security is to secure the information assets, customer data and other necessary detail which could influence the business in negative or positive way. An organization that is dealing with information security on a large scale will support the procedure adopted by the information security professional which could be helpful in maintaining the secrecy of the business (T. R. Peltier, 2013).

Surveillance cameras should be used to protect the data from the unauthorized person, while information security is used to protect the information which is placed in the system software. Both are the security systems that are being used in the safety of the data on the computer. A business organization is required to be perfect in the administration, technical and management in all the departments which are compulsory to flourish in the market. Administration includes the location where data of business is stored. Their data could be saved by using CCTV cameras and warning alarms as their data lie in physical form. While in management department data is stored mostly in computer in soft form, which could be hacked or stolen while using hacking tools. Both are important concerns related to security measures in any business. Therefore both related to each other if there is absence of on others will not give proper benefits to the business entity (Liu & Liu, 2012).

The main purpose of physical security is to protect the assets and liabilities of the business and provide safeguards to the employees which are important to manage the assets of the company.

Physical security role in security information the workplace

Organizations that are created to make sure that all the organizations worked in the secured environment which could help to secure the information of the organization. Physical security also used to manage the risk related to continuing the business. Risk management in information security is the process of managing the risk associated with the use of information technology. It includes identifying, assessing and managing the risk to gain the confidentiality, integrity, and availability of the business entity. The ultimate purpose of this process is to detect and treat the risk to save the information of the business. There are different stages of information security risk management, such as risk assessment, risk control, risk mitigation, and risk identification. The security measures are very simple for the organizations to save the information of the company but it still somehow difficult to handle by the organizations in compliance. These compliances should be followed as:

·         Install firewall configuration that gives access to secure the assets of the company in order to protect the information of the individual or entity.

·         Use a strong password on the personal computer so that the unauthorized person could not access it.

·         Encryption of the data should be used on open accounts.

·         The secure and safe application should be used in the development of the business.

·         CCTV cameras are used to monitor the vulnerable areas which are necessary to protect the data in the resources.

·         Certain data authentication is used to secure the data.

Risk management and risk assessment are competed with the basic security risk analysis to maintain the infrastructure of the business and to analyze the situation of how a business entity continues to implement information security management. It should b included in the employees’ jobs that no one could copy or use data of others without his or her permission. Business organizations should use barriers and obstacles to prevent unauthorized persons from checking the data. Secure data should be made in the form that faces the disaster in the supervision of the delivery of data from one authority to another. It is the process to determine which factors could be beneficial for the organization and what re not suitable according to the business situation. It is difficult task to check which part of the risk gains confidentiality and which relates to integrity. This assessment makes the organization to divide the performance of the factors. To protect data from the theft companies are using safeguards and equipment to secure the risk. There must be secure power cables and power supply so that data in computers also saved from hacking. Any organization that is dealing in the market should implement these measures to continue the business in the market (R, 2007).

Security information provides the facilities of physical security with the quantity of the benefits which are related to the business.  The organizations use physical security, which covered many benefits such as enhance working efficiency and effectiveness. Nevertheless, you are dealing with customer or selling services in field of information security, and it is your duty to keep your customers at a peak trust so they could easily trust you and give you their information with the hope that you will protect their data with honesty. A business organization that proactively prefer to secure the customer's data tend to do more business s customer rely them due to having good reputation in the market (K. Popović & Hocenski, 2010).

References of PHYSICAL AND INFORMATION SECURITY

B. Bulgurcu, Cavusoglu, H., & Benbasat, I. (2010). nformation security policy compliance: an empirical study of rationality-based beliefs and information security awareness. MIS quarterly, 34(3), 523-548.

H. N., & Liu, H. (2012). Cyber-physical-social based security architecture for future internet of things. Advances in Internet of Things, 2(01), 1.

K. Popović, & Hocenski, Ž. (2010). Cloud computing security issues and challenges. . The 33rd International Convention MIPRO, 344-349.

R, B. (2007). Information Lifecycle Security Risk Assessment: A tool for closing security gaps. Computers & security,, 26(1), 26-30.

T. R. Peltier. (2013). Information security fundamentals. CRC press.