Confidentiality, integrity and availability are referred as three components of CIA triad. Confidentiality
of information integrity of information and availability of information.
This model is designed to protect information within an organization.
We talk a lot about confidentiality
of data, which is nothing but allowing accessing to only authorized persons. Protecting
the information is the organizations primary responsibility. Information is
costs a value. We normally protect our bank, personal, business, government
information. I am sure most of the people who you know will not disclose their
personal information to anyone. Protecting the information is a major
responsibility and it is part of information security. We hear a lot about
encryption. Encryption ensures that right person can only access the data. Primary
rule of protecting information confidentiality would be encryption. These days people
are also smart enough to protect their information by using various methods. Encryption
is widely spread and used in almost every protocol used and due to the trust
that was built on saving the information and only respective individuals can
read the data. A very good example is Google authenticator. To access an
application it is not just the password that is required but there is step 1
clearance that it will send a code to your phone and that code needs to be
entered to gain the access.
Integrity of information is
keeping data safe and trustworthy by protecting information from intentional or
accidental changes. The main objectives for integrity of information is to
protect data from unauthorized
individuals from making changes to data, Prevent authorized users from making
improper changes to data and to maintain internal and external consistency of
data. Correct information has a price. Information that
has been tampered with could prove costly. Example is if you leave a tip for
$100, but you were charged $1000 the information was tampered and $1000 was
charged. We know that Data confidentiality, cryptography plays a very major
role in ensuring data integrity.
information keeps data and resources available only for authorized users in
emergencies. Information security authority address three common challenges to
data availability which are
Having issues or denied access to data due to planned incidents is because of
undiscovered flaws in implementation, Loss of information system capabilities
because of natural disasters or human actions and technical errors or equipment
failures. We hear a lot about hacking systems to get information or servers are
down due to maintenance etc. such incidents can be very
costly. Other factors that could leak information may include accidents such as
power outages or natural disasters such as floods.
The importance of
backing up data is realized by many organization. They feel it is safe to have
back up data which is helpful sometimes. Regular backups can limit the damage
caused by damage to hard drives or natural disasters.