Brennan Hollowell 09/14/2023
Conclusion
The CIA Triad’s job is to make sure organizations have the proper security and structure to maintain their data without it being changed or stolen. Companies need to know how to keep their own information secure and the CIA Triad gives them the proper guidelines of how to keep their data safe. Authentication and authorization play a key part in keeping a company secure and is needed to make sure everything goes the way it should. Both parts are needed if there was no authorization a person would only have to be authenticated and could access anything they wanted in a company.
CIA Triad
The CIA Triad is broken down into three categories: Confidentiality, Integrity, and availability. It works by putting all those categories together to help protect an organization. Confidentiality works to keep the organization’s data secure and away from those who do not have access. Integrity makes sure the information is accessed by who should access it and keeps track of all those who might have access to it and makes sure it is not changed. Availability keeps the data available to those who need to access it and makes sure whoever needs to see it can.
Authentication and Authorization
Authentication and Authorization may sound the same but they are very different from one another. Authentication is the process of figuring out who the person is and whether or not they should be accessing the data. Authorization is when that person goes and accesses information from the data that they are authorized to use. Not every person in an organization has the same authorization; some people are authorized to look at specific information and another person might not. Authentication and authorization would be something that the CIA Triad tries to maintain and would help that company develop policies to keep the company safe of those who should and should not access certain data.
Sources:
What is the difference between authentication and authorization?. SailPoint. (2023, March 7). https://www.sailpoint.com/identity-library/difference-between-authentication-and-authorization/#:~:text=So%2C%20what%20is%20the%20difference,a%20user%20has%20access%20to.