Name: Brayon Wesson
Date: 9/17/2023
What is the CIA Triad?
In the cybersecurity world, many organizations rely on policies, and the model used for those policies is the CIA Triad. CIA stands for confidentiality, integrity, and availability. These three factors are the building blocks for a company that is trying to build a secure base. Some say that the triad needs improvement, but its foundation stays the same no matter how you spin it.
What goes into the CIA Triad?
The CIA Triad comes with three parts:
• Confidentiality: Confidentiality is roughly equivalent to privacy. Confidentiality measures are designed to prevent sensitive information from unauthorized access attempts. It is common for data to be categorized according to the amount and type of damage that could be done if it fell into the wrong hands. Stringent measures can then be implemented according to those categories. (Wesley, 2022)
• Integrity: Integrity involves maintaining the consistency, accuracy and trustworthiness of data over its entire lifecycle. Data must not be changed in transit, and steps must be taken to ensure data cannot be altered by unauthorized people (for example, in a breach of confidentiality). (Wesley, 2022)
• Availability: Availability means information should be consistently and readily accessible for authorized parties. This involves properly maintaining hardware and technical infrastructure and systems that hold and display the information. (Wesley, 2022)
The best way to use the CIA Triad is to use all of its components to the fullest:
• With confidentiality, you must use data that is encrypted and permissions that are up to date. (Wesley, 2022)
• With integrity, you should ensure employees are knowledgeable about regulatory requirements to bring human error as close to zero as possible. (Wesley, 2022)
• With availability, use things like redundancy and RAID, ensure all systems are updated, and make sure there are data recovery methods. (Wesley, 2022)
The Triad was formed over time as defense industries began to rise in the USA, and the three components served as the building blocks of their combination. By 1998, we saw all of them come together to where we are today. (Wesley, 2022)
The difference between Authentication and Authorization
The difference between authentication and authorization is very distinct. Although both are important, they do different jobs in the security world.
• Authentication is the process of confirming the identity of a user; it verifies who you are. (OneLogin)
• Authorization is the process of giving a user permission to access data that sits behind some sort of barrier. (Okta, 2018)
Authentication is like using a username and password to log into your MIDAS account, while authorization checks what you can see with that login (i.e., your Canvas and class schedule).
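The distinction above as an added example (not part of the original essay): a login check answers who the caller is, and a separate policy check answers what that identity may read, so a valid login can still be refused. The account names, passwords, roles and resource names are constructed for illustration.

```python
import hashlib
import hmac
import os

def _hash(password: str, salt: bytes) -> bytes:
    # Slow, salted hash so stored credentials are not plaintext.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_user(password: str, roles):
    salt = os.urandom(16)
    return {"salt": salt, "hash": _hash(password, salt), "roles": set(roles)}

# Constructed sample accounts (hypothetical names and passwords).
USERS = {
    "student1": make_user("correct horse", ["student"]),
    "prof1": make_user("battery staple", ["instructor"]),
}

# Authorization policy: which roles may read which resource (hypothetical).
POLICY = {
    "class_schedule": {"student", "instructor"},
    "gradebook": {"instructor"},
}

def authenticate(username: str, password: str):
    """Authentication: confirm who the caller is. Returns the identity or None."""
    user = USERS.get(username)
    if user is None:
        _hash(password, b"\x00" * 16)  # do comparable work for unknown users
        return None
    ok = hmac.compare_digest(_hash(password, user["salt"]), user["hash"])
    return username if ok else None

def authorize(identity: str, resource: str) -> bool:
    """Authorization: decide what an already authenticated identity may access."""
    allowed_roles = POLICY.get(resource, set())  # unknown resource: deny by default
    return bool(USERS[identity]["roles"] & allowed_roles)

def request(username: str, password: str, resource: str) -> int:
    identity = authenticate(username, password)
    if identity is None:
        return 401  # not authenticated: we do not know who this is
    if not authorize(identity, resource):
        return 403  # authenticated, but not permitted to see this resource
    return 200
```

The 401 and 403 return values mirror the HTTP status codes commonly used for the two failures.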
Conclusion
In the cybersecurity world, many organizations rely on policies, and the model used for those policies is the CIA Triad. CIA stands for confidentiality, integrity, and availability. These three factors are the building blocks for a company that is trying to build a secure base. Some say that the triad needs improvement, but its foundation stays the same no matter how you spin it. When it comes to authentication and authorization, we can see the many differences between them and what goes into the different parts of cybersecurity.
References
Okta. (2018, October 15). Authentication vs. Authorization. Okta. https://www.okta.com/identity-101/authentication-vs-authorization/
Authentication vs. authorization. (n.d.). OneLogin. https://www.onelogin.com/learn/authentication-vs-authorization
What is the CIA Triad_ Definition, Explanation, Examples – TechTarget.pdf. (n.d.). Google Docs. https://drive.google.com/file/d/1898r4pGpKHN6bmKcwlxPdVZpCC6Moy8l/view