CIA Triad
The CIA Triad is the framework used by businesses (unrelated to the Central Intelligence
Agency) to guide their cybersecurity efforts. The CIA Triad is an acronym, standing for
confidentiality, integrity, and availability. Confidentiality specifically means that all information
must only be accessible by those authorized to see such information. Integrity means that the
information is accurate, unaltered by unauthorized individuals, and consistent. Availability
generally refers to the information server uptime, the accessibility of the information in a timely
and consistent manner, and ensuring that information is easily accessible to those with
authorization.

Authorization vs Authentication
Authorization and authentication, although sounding similar, are two distinct concepts.
Authorization is like an access level; information is sorted between different authorization levels
and only individuals with those authorizations are allowed to access the information. On the
other hand, authentication is a way of ensuring that the person requesting information is who
they say they are. It is designed to prevent one person from utilizing another person’s account to
access information that they are not themselves authorized to acquire. One common example of
authentication is known as two-factor authentication, where upon login or other important
actions, a second device is needed to authenticate the user. This is found directly on ODU
campus as well, with our DUO push system for accessing Leo Online.

Conclusion
The CIA triad is a framework for ensuring information security in business, supported by
authentication. The CIA Triad stands for confidentiality, integrity, availability. It is important to
keep information secure in the technology age, and the CIA triad is unlikely to be phased out
any time soon.