The CIA Triad

The CIA triad is a security model designed to guide information security policies within an organization. It is sometimes called the AIC triad to avoid confusion with the Central Intelligence Agency. CIA stands for Confidentiality, Integrity, and Availability. These three key concepts work in conjunction with one another to provide the best possible security.
Confidentiality is the set of measures that prevent unauthorized access to sensitive information, which includes categorizing data based on potential damage. An example of this would be requiring a password or two-factor authentication before accessing information. Integrity is maintaining the accuracy and completeness of the data, ensuring that it isn’t altered or corrupted; examples include file permissions and user access controls. Availability is how easily the information and data can be accessed by those who have authorization. An example of this would be creating backup systems or recovery plans to ensure the user’s information is safe and can be readily accessed.
There is, however, a key difference between authorization and authentication within the tech space. Authentication simply verifies the identity of the user, while authorization determines what the user is allowed to access. Authentication usually comes before authorization. An example of authentication would be a student using a two-factor authenticator that gives them a passcode they need before they can log in to their school email. Authorization would be how much of their email they are able to access once they log in. In this case, it should hopefully be every email, since the school email belongs to the student.
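The sketch below is an added example, not part of the original post: it keeps the two checks from the student email scenario separate, using a password plus a TOTP passcode (RFC 6238) for authentication and a mailbox-ownership lookup for authorization. The usernames, mailbox addresses, secret, salt and function names are all constructed for illustration.

```python
import hashlib
import hmac
import struct

SALT = b"constructed-salt"  # constructed sample value


def hash_password(password: str) -> bytes:
    """Store a salted, slow hash instead of the password itself."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)


# Constructed sample data: one student account and two mailboxes.
USERS = {"student1": {"pw_hash": hash_password("correct horse"),
                      "totp_secret": b"12345678901234567890"}}
MAILBOX_OWNER = {"student1@school.example": "student1",
                 "registrar@school.example": "staff7"}


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1): the passcode an authenticator app shows."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def authenticate(username, password, passcode, unix_time):
    """Authentication: verify identity. Returns the username or None."""
    user = USERS.get(username)
    if user is None:
        return None
    pw_ok = hmac.compare_digest(hash_password(password), user["pw_hash"])
    expected = totp(user["totp_secret"], unix_time).encode()
    code_ok = hmac.compare_digest(passcode.encode(), expected)
    return username if (pw_ok and code_ok) else None


def authorize(identity, mailbox):
    """Authorization: an identity may only open a mailbox it owns."""
    return identity is not None and MAILBOX_OWNER.get(mailbox) == identity


def open_mailbox(username, password, passcode, mailbox, unix_time):
    identity = authenticate(username, password, passcode, unix_time)
    if identity is None:
        return "401 not authenticated"   # identity was never established
    if not authorize(identity, mailbox):
        return "403 not authorized"      # known user, but not their mailbox
    return "200 ok"
```

A failed passcode stops the request before any access decision is made, while a correctly authenticated student is still refused a mailbox they do not own.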
