The CIA Triad

The CIA Triad is an important idea in cybersecurity that stands for Confidentiality,
Integrity, and Availability. These three things are the foundation of protecting information and
systems. Let me explain each one in simple terms to show why they matter. First, Confidentiality
is about keeping information private. Only the right people should be able to see certain data, and
everyone else should be blocked. For example, with your online banking account, only you and
the bank should be able to see your financial details. Second, Integrity makes sure that
information is correct and hasn’t been changed without permission. This is really important
because if data gets messed with, it can cause mistakes or bigger problems. For example, if a
school tracks student grades and someone changes the scores to make it seem like a student did
better than they actually did, it could lead to a variety of bad outcomes. To make sure data hasn’t
been tampered with, integrity checks are used to verify that the information has not changed.
Lastly, Availability is about making sure that systems and data are working and can be used
when needed. If something goes down or isn’t available, it can cause big problems. For example,
if a website crashes during a big sale, customers can’t buy anything, and the business loses
money.

Next, let’s talk about authentication and authorization. Even though these terms are often
used together, they mean different things in security. Authentication is about proving who you
are. For example, when you log into an online account, you type in your username and password.
The system checks whether your password matches what it has on file to make sure it’s really you.
Passwords are a big part of how your account is kept safe. Authorization, on the other hand,
happens after authentication. It decides what you’re allowed to do once you’re logged in: which
actions you can take and which files you can access. For example, a student can log into their
own Canvas account but cannot see everyone’s grades because only a teacher can do that.

An easy way to remember the difference between the two: authentication is when you show
your library card to prove you’re a member, and authorization is which books you’re allowed to
borrow based on your membership. For example, if you’re a regular member, you might only be
able to borrow a few books, but if you’re a premium member, you could borrow more.

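The login-then-permission sequence described above, as an added Python example that is not part of the original post: the password is checked first (authentication), and only then does a role check decide whose grades can be read (authorization). The accounts, grades, function names and PBKDF2 iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256

def hash_password(password: str, salt: bytes) -> bytes:
    # The system stores a salted, slow hash, never the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def make_user(role: str, password: str) -> dict:
    salt = os.urandom(16)
    return {"role": role, "salt": salt, "hash": hash_password(password, salt)}

# Constructed sample data: accounts and a grade book (all names hypothetical).
USERS = {
    "alice": make_user("student", "alice-passphrase"),
    "bob": make_user("student", "bob-passphrase"),
    "ms_lee": make_user("teacher", "teacher-passphrase"),
}
GRADES = {"alice": 91, "bob": 78}

def authenticate(username: str, password: str):
    """Authentication: prove who you are. Returns the username or None."""
    user = USERS.get(username)
    if user is None:
        # Do the same work for unknown names so timing does not reveal them.
        hash_password(password, b"\x00" * 16)
        return None
    candidate = hash_password(password, user["salt"])
    # Constant-time comparison avoids leaking how many bytes matched.
    return username if hmac.compare_digest(candidate, user["hash"]) else None

def can_view_grades(requester: str, student: str) -> bool:
    """Authorization: what an already-authenticated user is allowed to do."""
    role = USERS[requester]["role"]
    return role == "teacher" or (role == "student" and requester == student)

def view_grades(username: str, password: str, student: str) -> int:
    requester = authenticate(username, password)
    if requester is None:
        raise PermissionError("authentication failed")  # who are you?
    if not can_view_grades(requester, student):
        raise PermissionError("not authorized")         # what may you do?
    return GRADES[student]
```

A student with a valid password still gets "not authorized" when asking for another student's grade, which is the case where authentication succeeds and authorization fails.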
In short, the CIA Triad (Confidentiality, Integrity, and Availability) is key to keeping data safe
and easy to access. Understanding the difference between authentication (proving who you are)
and authorization (figuring out what you can do) is also important for keeping systems secure.
Both are needed to make sure that only the right people can access and use data properly.
