{"id":302,"date":"2021-12-06T05:15:45","date_gmt":"2021-12-06T05:15:45","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/nickrisbon\/?p=302"},"modified":"2021-12-06T05:15:45","modified_gmt":"2021-12-06T05:15:45","slug":"write-up-cia-triad-authentication-authorization","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/nickrisbon\/2021\/12\/06\/write-up-cia-triad-authentication-authorization\/","title":{"rendered":"Write-Up: CIA Triad &amp; Authentication &#8211; Authorization"},"content":{"rendered":"\n<p>The CIA Triad:<\/p>\n\n\n\n<p>The CIA Triad is a set of core concepts used to define the basis of data security with regard to the storage and transportation of data. CIA stands for confidentiality, integrity, and availability, the three principles that need to be maintained for proper data security. Confidentiality refers to the assurance that the data can be viewed only by those intended or designated and no one else. A good example of confidentiality being breached would be a bank accidentally allowing someone to view another person\u2019s banking information. The second principle, integrity, is ensuring that the data is not altered in any way while being transported or stored, whether by accident or through malicious activity. If a student were to gain access to the university\u2019s degree works system and change their degree completion status, there would be a breach in the integrity of the data. Lastly, maintaining availability is keeping the data accessible whenever needed by the associated parties. The principle of availability would be violated if the file servers went down at a government agency, leaving the employees without access to critical record data. 
It is critical that these three principles are maintained to ensure both the reliability and security of data.<\/p>\n\n\n\n<p>Authentication and Authorization:<\/p>\n\n\n\n<p>Authentication in reference to computer systems is the validation that someone is really who they say they are. This is often done through mechanisms such as passwords, key cards, two-factor authentication, and biometrics. It is usually the first step in accessing a system and is followed by authorization. Authorization is the process in which permissions are given to the user to access and use specific resources or functions within a system. When a data center employee logs into a system, they are asked to authenticate themselves through one or more of the methods previously mentioned. After the system authenticates the user, authorization takes place: the system grants the user access and permissions to authorized resources corresponding to their role.<\/p>\n\n\n\n<p>References:<\/p>\n\n\n\n<p><em>Authentication vs. authorization<\/em>. Okta. (n.d.). Retrieved September 22, 2021, from https:\/\/www.okta.com\/identity-101\/authentication-vs-authorization\/.<\/p>\n\n\n\n<p>Fruhlinger, J. (2020, February 10). <em>The CIA Triad: DEFINITION, components and examples<\/em>. CSO Online. Retrieved September 22, 2021, from https:\/\/www.csoonline.com\/article\/3519908\/the-cia-triad-definition-components-and-examples.html.<\/p>\n\n\n\n<p><em>Important alerts<\/em>. TechWeb RSS. (n.d.). Retrieved September 22, 2021, from https:\/\/www.bu.edu\/tech\/about\/security-resources\/bestpractice\/auth\/.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The CIA Triad: The CIA Triad is a set of core concepts used to define the basis of data security with regard to the storage and transportation of data. 
CIA stands for confidentiality, integrity, and availability, the three principles that need to be maintained for proper data security. Confidentiality refers to&#8230; <\/p>\n<div class=\"link-more\"><a href=\"https:\/\/sites.wp.odu.edu\/nickrisbon\/2021\/12\/06\/write-up-cia-triad-authentication-authorization\/\">Read More<\/a><\/div>\n","protected":false},"author":21885,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/nickrisbon\/wp-json\/wp\/v2\/posts\/302"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/nickrisbon\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/nickrisbon\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/nickrisbon\/wp-json\/wp\/v2\/users\/21885"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/nickrisbon\/wp-json\/wp\/v2\/comments?post=302"}],"version-history":[{"count":1,"href":"https:\/\/sites.wp.odu.edu\/nickrisbon\/wp-json\/wp\/v2\/posts\/302\/revisions"}],"predecessor-version":[{"id":303,"href":"https:\/\/sites.wp.odu.edu\/nickrisbon\/wp-json\/wp\/v2\/posts\/302\/revisions\/303"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/nickrisbon\/wp-json\/wp\/v2\/media?parent=302"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/nickrisbon\/wp-json\/wp\/v2\/categories?post=302"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/nickrisbon\/wp-json\/wp\/v2\/tags?post=302"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}