{"id":295,"date":"2022-04-21T23:45:17","date_gmt":"2022-04-21T23:45:17","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/adamjohnson\/?p=295"},"modified":"2022-04-21T23:45:24","modified_gmt":"2022-04-21T23:45:24","slug":"the-cia-triad","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/adamjohnson\/2022\/04\/21\/the-cia-triad\/","title":{"rendered":"The CIA Triad"},"content":{"rendered":"\n<p>The CIA triad is the result of combining three principles of security into an overlapping model of information security.\u00a0 The triad is based on three security principles: confidentiality, integrity and availability.\u00a0 Applying these principles can help develop security policies and priorities when considering information security.\u00a0 When utilizing the triad for assessing security, each principle is weighed against the others.\u00a0 If a new policy would improve the confidentiality of data on a network, then what would the result be for integrity and availability?\u00a0 In this case, increasing confidentiality would likely reduce availability and may or may not have an impact on integrity.\u00a0 The triad provides the basis for balancing the three principles against one another, so that organizations or people understand the impact changes will have and can make better policies.<\/p>\n\n\n\n<p>Confidentiality is the process of \u201cpreserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information\u201d (Cawthra, 2020).\u00a0 Confidentiality is maintained by the implementation of two processes, authentication and authorization.\u00a0 Authentication is a form of verification for allowing access to resources.\u00a0 Common implementations of authentication include logins, passwords, biometric scanners, security keys, keycards and many others.\u00a0 A commonly used authentication procedure is called two-factor 
authentication.\u00a0 This type of authentication combines two forms of verification, such as a password and a biometric input, before the user can gain access to resources.\u00a0 Authorization is the process of allocating privileges to resources, that is, deciding who can access what.\u00a0 Once a user has been authenticated, they are given access to an environment that only allows them to access what they need.\u00a0 Authorization-based security is usually accomplished with the least privilege concept in mind, giving users the least access and privileges possible to complete their tasks.\u00a0 Access can be controlled and monitored by granting it temporarily and requiring re-authentication, which enhances security and monitoring abilities.<\/p>\n\n\n\n<p>Integrity concerns \u201cguarding against improper information modification or destruction and ensuring information non-repudiation and authenticity\u201d (Cawthra, 2020).\u00a0 Data integrity can be accomplished by proper logging and backup procedures.\u00a0 This means utilizing logs to identify when data has changed, and keeping a proper backup schedule and system to restore data or identify whether it has been altered.<\/p>\n\n\n\n<p>Availability is about providing the access and resources needed for users to complete their tasks.\u00a0 This can involve hardware and software that make sure resources are available.\u00a0 A certain business may require more bandwidth to accommodate its users, which would require hardware that can provide it.\u00a0 Another situation would be providing network or cloud-based software services to users, such as data hosting or email servers.<\/p>\n\n\n\n<p>I found it very important to understand that, when using the CIA triad, each step complements the other and overlaps.\u00a0 As a business provides availability for its services, it must consider and implement policies concerning the confidentiality of the systems and how to maintain its integrity while also reevaluating what 
services it makes available.\u00a0 This shows how the triad system is a continuous effort to try and balance security and productivity by planning and thinking about the impacts changes can have on the three principles, the CIA.<\/p>\n\n\n\n<p><strong>References<\/strong><\/p>\n\n\n\n<p>Fruhlinger, Josh (2020). The CIA triad: Definition, components and examples. https:\/\/www.csoonline.com\/article\/3519908\/the-cia-triad-definition-components-and-examples.html<\/p>\n\n\n\n<p>Cawthra, Jennifer (2020). NIST Special Publication 1800-25, Data Integrity: Identifying and Protecting Assets Against Ransomware and Other Destructive Events. https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.1800.25.pdf<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The CIA triad is the result of combining three principles of security into an overlapping model of information security.\u00a0 The triad is based on three security principles: confidentiality, integrity and availability.\u00a0 Applying these principles can help develop security policies and priorities when considering information security.\u00a0 When utilizing the triad for assessing security, each principle is &hellip; <a href=\"https:\/\/sites.wp.odu.edu\/adamjohnson\/2022\/04\/21\/the-cia-triad\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">The CIA 
Triad<\/span><\/a><\/p>\n","protected":false},"author":23385,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/posts\/295"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/users\/23385"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/comments?post=295"}],"version-history":[{"count":1,"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/posts\/295\/revisions"}],"predecessor-version":[{"id":296,"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/posts\/295\/revisions\/296"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/media?parent=295"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/categories?post=295"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/adamjohnson\/wp-json\/wp\/v2\/tags?post=295"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}