Confidentiality, integrity, and availability, aka the CIA triangle, is a security model designed to guide policies for information security within an organization. The elements of the triad are considered the three most crucial components of security.
Confidentiality
Confidentiality is the security principle that controls access to information. It is designed to prevent sensitive information from being accessed by the wrong people, while ensuring the right people can, in fact, get appropriately managed access to it.
Access must be restricted only to those who are authorized to view the required data. Data can be categorized according to the severity and type …
An example of a method used to ensure confidentiality is the use of data encryption. User IDs and passwords also constitute a standard procedure, and the addition of two-factor authentication is now becoming the norm for authenticating users to access sensitive data.
Other methods include biometric verification, security tokens, and digital certificates. Users should also take precautions to minimize the number of places where the information appears and the number of times sensitive data is transmitted to complete a required transaction.
Integrity
Integrity is the assurance that the sensitive data is trustworthy and accurate. It involves maintaining the consistency, accuracy, and trustworthiness of data over its entire life cycle. Sensitive data should not be altered in transit, and security measures should be taken to make sure that it cannot be modified by unauthorized users. These measures include file permissions and user access …
Availability is best guaranteed by properly maintaining all hardware and software necessary to keep sensitive data accessible. It’s also important to keep current with all necessary system upgrades. Providing adequate communication throughput and preventing bottlenecks helps as well. Redundancy, failover, RAID, and clustering are important measures that should be considered to avoid serious availability problems.
Fast and adaptive disaster recovery is crucial for worst-case scenarios, and it depends on the successful execution of a full disaster recovery plan.
Safeguards against data loss or interruptions in connections should consider unpredictable events such as natural disasters and fire. To prevent data loss from such occurrences, backups should be kept in a geographically separate location, and in a fireproof, waterproof vault.
Extra security equipment or software such as firewalls and proxy servers should be used to prevent downtime due to malicious attacks such as denial-of-service (DoS) attacks and network