CYSE-200T, Uncategorized

CIA Triad, the Shield for Data

Posted by msurr006 on


CIA Triad, the Shield for Data


The CIA triad is confidentiality, integrity, and availability; the three characteristics of cybersecurity that professionals rely on to ensure the safety of data. Data safety is dependent upon both authentication, the verification of a user’s identity, and authorization, what the user can do with that data. In this write-up, I will first describe confidentiality and authentication. Then, I will move to integrity and authorization. Finally, I will describe availability and its importance.


Confidentiality


Confidentiality as part of the CIA triad means the steps that are taken to protect data from unauthenticated access. Examples of these steps involve the use of strong passwords, two-factor authentication, and data encryption. Authentication is a major part of confidentiality. “Consider the following simplified example of a hotel reservation. When you arrive at the hotel, the front desk clerk requests your ID to verify your reservation. Your ID authenticates you to the hotel. The front desk clerk gives you a hotel key” (Learn about Authentication and Authorization | Google Workspace, n.d.)


Integrity


Integrity pertaining to the CIA triad means that steps are taken to prevent unauthorized access, and that the data is not compromised and retains accuracy. Examples of integrity include file permissions, user access, and the prevention of accidental deletion of data. Authorization of specific users to access specific files falls under integrity. Just like the key the hotel clerk gave you after your ID had been authenticated, “this key gives you access to certain resources at the hotel such as your hotel room, the gym, and the business center. The hotel key authorizes you to access those resources” (Learn about Authentication and Authorization | Google Workspace, n.d.).


Availability


Availability is ensuring that access to data is available to those who have permission. The focus of availability is ensuring that the data is available when it is needed. This covers every aspect of connectivity, backing up, software, and hardware maintenance. Anything that could make the data unavailable when it is needed falls under availability.


Conclusion


Finally, the CIA triad is like a shield that protects data. Confidentiality, integrity, and availability are the three characteristics that make it successful. When implemented and maintained, the CIA triad is a proven set of tactics for preventing cyber-attacks. Authentication is the verification of the user’s identity through means like password protection, two factor authentication, and biometric verification. Authorization is what data the user has access to once their identity has been verified. Overall, the CIA triad is designed to be flexible to fit the protective needs of various implementations and with upkeep and maintenance is proven successful.

References


Learn about authentication and authorization | Google Workspace. (n.d.). Google for Developers. Retrieved September 15, 2024, from https://developers.google.com/workspace/guides/auth-overview

Leave a Reply

Your email address will not be published. Required fields are marked *