Write Up: CIA Triad

Confidentiality, integrity, and availability in cybersecurity represent the CIA triad. This is a model designed to direct policies for security within an organization.
The C in the acronym stands for confidentiality, which basically means privacy. Confidentiality measures are designed to protect sensitive information from unauthorized access attempts. Encryption is one example of a measure that maintains confidentiality. Two-factor authentication is starting to become the new norm. Other examples include security tokens and key fobs. Users can also minimize the number of places information appears and the number of times it’s passed to complete a required transaction.
Integrity is the next word in the triad. This means keeping data accurate, consistent, and trustworthy throughout its entire lifespan. Data should not be changed in transit, and steps must be taken to ensure data cannot be changed by unauthorized people. Examples include file permissions and user access controls. Companies should also be able to detect changes caused by non-human events, such as electromagnetic pulses (EMPs) or server crashes. Data can include checksums to verify its integrity. Redundancies and backups must also be available to restore the affected data to its original state if it is tampered with.
Last is availability, meaning information should always be accessible to authorized users. This requires appropriately maintaining the infrastructure and systems that hold and display the information. Examples include performing repairs as soon as they are needed and keeping systems as up to date as possible. Fast and adaptive disaster recovery is needed for worst-case scenarios. The best way to prevent data loss in worst-case scenarios is to have a backup copy stored in a geographically isolated location, even in a fireproof and waterproof safe. These backups safeguard the data in the event of a natural disaster or fire.
Authorization and authentication are both important information security processes that companies and organizations use. Authentication is verifying who a user is, and authorization is verifying what they have access to. You can find an example of both when trying to catch a flight. When you go through security in an airport, you have to show your ID to “authenticate” your identity. After that, when you arrive at the gate, you show your boarding pass to the flight attendant, who can then “authorize” you to board the plane.
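The same two-step check as the airport analogy, written as an added Python example that is not part of the original write-up. The user record, role names, and the `request` helper are hypothetical and constructed for illustration: authentication checks a salted password hash, and authorization checks a role against an allow-list that denies by default.

```python
import hashlib
import hmac
import os
from typing import Optional

def _hash_password(password: str, salt: bytes) -> bytes:
    # Salted, slow hash so stored credentials are not kept in plain text.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed sample data (assumption): one user and a role-to-permission map.
_SALT = os.urandom(16)
USERS = {  # username -> (salt, password hash, role)
    "alice": (_SALT, _hash_password("correct horse", _SALT), "passenger"),
}
PERMISSIONS = {  # role -> actions that role may perform
    "passenger": {"board_plane"},
    "pilot": {"board_plane", "enter_cockpit"},
}

def authenticate(username: str, password: str) -> Optional[str]:
    """Authentication: verify who the user is (the ID check at security)."""
    record = USERS.get(username)
    if record is None:
        return None
    salt, stored_hash, _role = record
    candidate = _hash_password(password, salt)
    # Constant-time comparison avoids leaking how many bytes matched.
    return username if hmac.compare_digest(candidate, stored_hash) else None

def authorize(username: str, action: str) -> bool:
    """Authorization: verify what the user may do (the boarding pass check)."""
    record = USERS.get(username)
    if record is None:
        return False
    role = record[2]
    # Unknown roles and unlisted actions are denied by default.
    return action in PERMISSIONS.get(role, set())

def request(username: str, password: str, action: str) -> str:
    """Run both checks in order: identity first, then permission."""
    user = authenticate(username, password)
    if user is None:
        return "401 not authenticated"
    if not authorize(user, action):
        return "403 not authorized"
    return "200 ok"
```

A user who passes authentication can still be refused at the authorization step, which is why the two checks are kept as separate functions.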