The CIA Triad is basically a security model for organizations and businesses. The C stands for confidentiality, the I stands for integrity and the A stands for availability. All three components were formed at different times and not necessarily by a single founder. Confidentiality was formalized in a 1976 U.S. Air Force Study. Integrity was formalized in a 1987 paper. The idea of availability was brought up in 1988 when the Morris worm knocked a significant portion of the embryonic internet offline. These three components make you question the types of services offered at the organization to make sure the information is being properly handed and secured. Every organization should be able to achieve all three concepts to ensure that their customer’s data isn’t in the wrong hands. Authentication is a process where it allows systems to determine if a user is who they say they are. An example is the Duo Mobile app we use here at ODU when signing into our my.odu account, it takes us to an app to make sure it’s the right person signing in or you can get sent a code to your phone to ensure that it’s you as well. Authorization is the right to access the data. An example of this could be having access to a certain google document. One of your professors might have a google doc folder for the class, and to get access to it, you would need to be signed into your ODU email and not your personal one. A few examples of availability include keeping your hardware up to date, and monitoring bandwidth usage. A few examples of integrity are somewhat the same from confidentiality because you can’t alter/change data if you don’t have the proper access to it. One of them could be altering business data to affect decision making.