Purpose: In this paper we have studied topical issues of ensuring information security of geographic information systems. The complexity of protecting the information contained in a GIS is due to the breadth of this concept, as well as the huge amounts of data that are processed to obtain the necessary information. Modern information systems consist of complexes of technical, electronic and audiovisual means that collect, store and analyze data necessary for the effective functioning of the entire geographic information system. Any, even the smallest, failure can lead to information distortion, damage or loss. For this reason, ensuring information security is solved using only an integrated approach, when all possible (potential) risk factors are taken into account. The objective of this paper is to discuss the technical challenges raised by the unique requirements of secure geospatial data management and to suggest a comprehensive framework for security and privacy for geospatial data and GIS. Findings: Depending on the tasks to be solved, GIS can be used both as part of localorgeographically distributed global computer networks. At the current level of development of the domainof telecommunication services, this characteristic expands the circle of persons with access to the functions and information resources of GIS. Thisalso allows potential violators to implement unauthorized negative impacts on GIS. Thus, the article presents the features of the functioning of GIS, analysis of computer attacks that pose a threat to GIS, as well as a list of special measures that ensure the fulfillment of security requirements for geoinformation systems operating in conditions of constant data protection from unauthorized access. Research limitations/implications: This paper includes an analysis of the importance of geographic information systems in the modern world, assesses the pros and cons of data protection methods in GIS, and also examines the issue of improving modern geodata protection systems. Practical implications:Current and future GIS technologies are often required to provide accurate and up-to-date geospatial data collected by advanced technologies, including new satellite missions, sensor networks, mobile phones, social media, crowdsourcing and others. This includes areas such as land and natural resource management, real estate objects, urbaninfrastructure. Since such data are very often confidential, it is a natural necessity to develop and use methods to ensure information security, especially when it comes to professional systems. Originality/value: To date, the problem of data security and confidentiality in GIS is not fully understood, and there is not even a comprehensive understanding of all the issues that need to be considered and analyzed. The purpose of this paper is to identify and study such problems, and to develop a comprehensive framework for ensuring the security and confidentiality of data in GIS.