The CIA Triad

The CIA triad is a simple breakdown of information security’s three principles. At first, one might think it is connected to the Central Intelligence Agency, but it has nothing to do with them at all. In this context, C.I.A. stands for the principles of Confidentiality, Integrity, and Availability. They are called a triad because they are always intertwined with each other in securing the information being safeguarded.
Confidentiality means making data available only to authorized users, who are the only ones able to read or modify it. Access codes, identification, two-factor authentication, and many other means can give the authorized user or system access to the data. Integrity in this context is the state of the data: that it has not been manipulated or modified improperly. For instance, a receipt of a purchase should match the bank record, showing that the data has not been modified. Availability is the ability to access the data when it’s needed. For example, in the military we use common access cards (CAC) to log into our websites. The availability is through the card reader and website, while the CAC maintains the confidentiality.
Besides CAC access, Old Dominion University’s two-step authentication is another example of the CIA triad. The user enters a login and password, followed by a “push” to another trusted device that tells the system a verified user is logging in. Logins and passwords can be predicted and decoded easily, and this “push” to another device secures the user’s privacy and the availability of the data. This example also ties into Authentication and Authorization.
Authentication is how a person identifies themselves to the system, whether by tokens, keys, IDs, or any other means available. Authorization determines who has access to the data provided. With the example of Old Dominion University’s login, a person uses their login, password, and two-step authentication to show the system who they are. The authorization of the user is provided by the school. Students have access to their own information, while professors have a wider range of customization and access to materials: they can show students different data, make materials available for certain timeframes, accept submissions of work, and handle anything else related to class as needed.
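The login flow described above, sketched as an added example (it is not from the original post and is not the university's system): authentication checks a password plus a push approval from the enrolled device, and only then does authorization check what the user's role may do. The user names, passwords, device IDs and action names are constructed for illustration.

```python
import hashlib, hmac, os

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_user(password, role, device_id):
    salt = os.urandom(16)
    return {"salt": salt, "pw": _hash(password, salt), "role": role, "device": device_id}

# Constructed sample accounts (names, passwords and device IDs are made up).
USERS = {
    "student1": make_user("correct horse", "student", "phone-A"),
    "prof1": make_user("battery staple", "professor", "phone-B"),
}

# Authorization policy: actions each role may perform (hypothetical action names).
PERMISSIONS = {
    "student": {"view_course", "submit_work"},
    "professor": {"view_course", "post_material", "set_deadline"},
}

def authenticate(username, password, approving_device):
    """Who are you? Return the username only if both factors check out."""
    user = USERS.get(username)
    if user is None:
        return None
    # compare_digest avoids leaking how many bytes of the hash matched.
    if not hmac.compare_digest(_hash(password, user["salt"]), user["pw"]):
        return None
    # Second step: the push must be approved from the enrolled trusted device.
    if approving_device != user["device"]:
        return None
    return username

def authorize(username, action):
    """What may you do? Decided by the role the school assigned."""
    role = USERS[username]["role"]
    return action in PERMISSIONS.get(role, set())

def request(username, password, approving_device, action):
    """Run authentication first, then authorization, and report the outcome."""
    who = authenticate(username, password, approving_device)
    if who is None:
        return "denied: authentication failed"
    if not authorize(who, action):
        return "denied: not authorized"
    return "allowed"
```

A correct password approved from the wrong device fails authentication, while a fully authenticated student asking to set a deadline fails authorization: two separate checks with two separate outcomes.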
In summary, the CIA triad is a set of three principles that work together to provide security for the data and its users. Like any tripod or three-legged stool, all three supports have to work together for the entire system of security to hold. If one principle falls short, then the other two are compromised.


