The CIA Triad

This report describes what the CIA Triad is and how important it is in securing our
networks, explains the difference between authorization and authentication within a system,
and shows why the Triad is a crucial framework for protecting sensitive information in various
environments at all times to ensure data security, accuracy, and accessibility.

Description of the CIA Triad
The CIA Triad is a model for understanding and implementing security measures in
information systems. The first key part of the Triad is confidentiality, which means ensuring
that information is kept private. Confidentiality is key because attackers keep finding new ways
to gain unauthorized access to systems. As one article explains, “These direct attacks
may use techniques such as man-in-the-middle (MITM) attacks, where an attacker positions
themselves in the stream of information to intercept data and then either steal or alter it”
(Fortinet, 2024). This is a breach of confidentiality, which is exactly what you want to avoid.
The next key part is integrity, which ensures that information stays accurate and unaltered. It’s
about making sure data in transit isn’t tampered with or changed without your permission. The
final key part is availability, which ensures information is accessible when needed. These three
components work together to protect data and secure networks.

Authentication vs. Authorization
Authentication is the process of verifying someone’s identity. It’s like checking an ID to
confirm that a person is who they claim to be. For example, when you enter a username and
password to log into a system, you are being authenticated. Authorization is the process of
determining which files, apps, and data a user can access. For example, once you are logged
into the system, authorization decides what you are allowed to do, like accessing certain files
or using specific features. Using this layered approach makes it possible to guarantee that only
authorized users will have access to sensitive data and that their access will be limited to what
is allowed.
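
The two checks described above, as an added example that is not part of the original report: a login is first authenticated against a salted password hash, and only then authorized against a per-user permission list. The user names, passwords, file names, and status strings are constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed PBKDF2 work factor for this example


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_user(password: str, allowed: set) -> dict:
    salt = os.urandom(16)  # unique salt per account
    return {"salt": salt, "hash": _hash(password, salt), "allowed": allowed}


# Constructed sample accounts and permissions (hypothetical names).
USERS = {
    "alice": make_user("correct horse", {("payroll.xlsx", "read"), ("payroll.xlsx", "write")}),
    "bob": make_user("battery staple", {("handbook.pdf", "read")}),
}


def authenticate(username: str, password: str) -> bool:
    """Authentication: is this person who they claim to be?"""
    user = USERS.get(username)
    # Hash even for unknown users so response time does not reveal valid names.
    salt = user["salt"] if user else b"\x00" * 16
    candidate = _hash(password, salt)
    return user is not None and hmac.compare_digest(user["hash"], candidate)


def authorize(username: str, resource: str, action: str) -> bool:
    """Authorization: what may this already-identified user do?"""
    user = USERS.get(username)
    return user is not None and (resource, action) in user["allowed"]


def request(username: str, password: str, resource: str, action: str) -> str:
    if not authenticate(username, password):
        return "401 not authenticated"
    if not authorize(username, resource, action):
        return "403 not authorized"  # identity is proven, access is still denied
    return "200 ok"
```

Bob's correct password gets him the handbook but not the payroll file, which shows that passing authentication does not by itself grant access.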


Conclusion
In conclusion, the CIA Triad (confidentiality, integrity, and availability) is fundamental
for securing our networks and protecting sensitive information. The Triad provides a
comprehensive framework for maintaining data security. Understanding the difference between
authentication and authorization further strengthens this model.
