When you first hear the words CIA Triad, one may think this has something to do with the Central Intelligence Agency. Maybe it is a subsection, or special group within the CIA. However, the CIA Triad is actually an information security model that helps organizations keep their data secured (Fruhlinger, 2020). There are three tenets that make up the CIA Triad: Confidentiality, Integrity, and Availability. Confidentiality is all about user authorization; allowing authorized users to access and modify data. Integrity refers to the validity of data. Finally, availability is about the accessibility of data and other information to authorized users.
Confidentiality is really important for an organization. WIthout it, almost anybody would be able to access their private information. Organizations must authenticate users before giving them authorization to access their information. Authentication is the process of proving identification; validating that the user is who they say they are. Whereas authorization is the permissions granted to specific users, usually allowing said users to access and modify important files (Okta). The most basic way is username and password. However, this may not be enough to prove identification as passwords can become hacked or leaked. Companies can use other methods, such as biometrics or even two-factor authentication through a mobile device. When data is shared or transferred over networks, they still have to abide by confidentiality. Organizations can use methods such as cryptography to keep data private when transferring them.
Integrity, or the validity of data, is very important to organizations. Once the integrity of information is gone, the data becomes useless. Information can lose integrity when anyone unauthorized changes the information data, or even data corruption (Fruhlinger, 2020). Therefore, maintaining proper authorization can help keep integrity within the organization. One thing to note about the CIA Triad is there are many overlaps between each section.