There are three primary concepts of information security: confidentiality, integrity, and availability. This is known as the CIA triad. This
model is used to guide organizations attempt to keep their information and
data secure.

Confidentiality is similar to privacy but is not the same. It refers to the ability
to protect data from those who are not authorized to view it. For example,
when someone uses an ATM, they would most likely want the PIN they use to
withdraw money stay confidential.

Integrity refers to the ability to make sure the data is not being changed in
an unauthorized manner. Examples of this could be deleting a specific
portion of data or adding something that is false.

Availability is the ability to access the data when you need it. Availability can
be lost by because of multiple reasons. Some of these reasons include power
loss, network attacks, and application problems.

Authentication and authorization sound like two similar terms but they are
different. Authentication is the process of validating that the user is who he
or she claim to be. This is completed with things like passwords and pins.
Authorization is the act of giving the user permission to access certain data.
For example, providing certain employees with administrative access to an
application