The CIA Triad

What the Triad Is and How It Operates

The CIA triad is considered to be a security model that organizations use to keep data safe (Fruhlinger). The first letter of CIA stands for confidentiality. It means only authorized users are able to access or modify data. The next letter stands for integrity. This means the data should be maintained so that nobody can change it, whether on purpose or by accident. The last letter, A, stands for availability. This means authorized users are able to access the data when they need to.

Authentication and authorization are two very similar concepts, but they have different meanings. Both fall under confidentiality. Authentication deals with verifying who someone is. It is the simpler of the two, considering you can verify yourself almost anywhere. Authorization is the backbone behind authentication. Authorization puts a limit on the verified user: it determines who has the right to access data.

SailPoint gives a realistic interpretation of this. Let's say an airline is boarding passengers. The first thing the airline does is authenticate, verifying that everybody who should be on the plane is on the plane. Next comes an authorization process, which gives the verified passengers access to what they are supposed to have, such as first class, VIP, and any other special services (SailPoint). Another example would be working a job that requires top secret clearance, or any government job for that matter. There are levels of clearance. You might pass the authentication process by being an employee at that job. However, if you do not have the clearance, you will not be able to access certain data. We see it all the time in movies, where the protagonist or antagonist steals the information of someone who has the top secret clearance they need.

All three aspects of the triad are important for keeping data safe and accessible.
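The clearance example above, as an added sketch that is not part of the original post: authentication verifies the password, then authorization compares the verified user's clearance against the document's classification. The user names, passwords, clearance levels and function names are all constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data: clearance levels in ascending order (assumed names).
LEVELS = {"public": 0, "secret": 1, "top_secret": 2}


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive a password hash with PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_user(password: str, clearance: str) -> dict:
    """Build a directory record holding a salted hash, never the password."""
    salt = os.urandom(16)
    return {"salt": salt, "hash": hash_password(password, salt), "clearance": clearance}


# Constructed employee directory for the example.
USERS = {
    "alice": make_user("correct horse battery", "top_secret"),
    "bob": make_user("tr0ub4dor&3", "secret"),
}


def authenticate(username: str, password: str) -> bool:
    """Authentication: is this person who they claim to be?"""
    user = USERS.get(username)
    if user is None:
        return False
    candidate = hash_password(password, user["salt"])
    return hmac.compare_digest(candidate, user["hash"])  # constant-time compare


def authorize(username: str, required: str) -> bool:
    """Authorization: does this verified user hold enough clearance?"""
    return LEVELS[USERS[username]["clearance"]] >= LEVELS[required]


def read_document(username: str, password: str, classification: str) -> str:
    """Run both checks in order and report which one decided the outcome."""
    if not authenticate(username, password):
        return "denied: authentication failed"
    if not authorize(username, classification):
        return "denied: insufficient clearance"
    return "granted"
```

Both checks depend only on the credential presented, so whoever holds alice's password is treated as alice and receives her clearance, which is the stolen-credentials scenario from the movies mentioned above.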
