BLUF: The CIA triad consists of Confidentiality, Integrity, and Availability; and used as a model to guide policies for information security in any organization.

Concepts of the CIA Triad

Confidentiality is very similar to privacy. It is designed to protect sensitive information from unauthorized access. Different types of data have different security levels. Integrity involves maintaining consistency, accuracy, and trustworthiness for data. It ensures that all procedures are being followed regarding data’s protection. Availability makes sure data is easily accessible for authorized users. This includes keeping up with hardware and software.

Authorization vs. Authentication

Authorization and authentication are very similar and both deal with authorizing. Authorization is the act of giving permission to a user to access data; while authentication is verifying a user is an authorized user. For example, whenever an employer gives an employee access to changing payroll, that’s an example of authorization. On the other hand, two-factor authentication is an example of authentication by using a different form of communication, like a text message, to verify the user is truly themselves.

Conclusion

The CIA triad is a model used to guide policies for information security in any organization. There are three concepts of the CIA triad. Confidentiality is designed to protect sensitive information from unauthorized access. Integrity involves maintaining consistency, accuracy, and trustworthiness for data. Availability makes sure data is accessible to authorized users at any time. Authorization is the act of giving a user permission to access data. Authentication verifies that a user is authorized to access the data.

References

Chai, Wesley, What is the CIA triad? Wesley Chai,

https://drive.google.com/file/d/1898r4pGpKHN6bmKcwlxPdVZpCC6Moy8l/view