What is a CIA Triad? — Emereoworld.com

What is a CIA Triad?

Information security is based on three fundamental tenets, called the CIA triad. Those tenets are confidentiality, integrity, and availability. As a security model, the CIA triad has been used to identify possible problems in a system and discover appropriate solutions for information security.

Confidentiality

Whether the information is considered confidential, or a person would simply like it to be private requires systems and processes to be put into place preventing unauthorized access and use. For this reason, one leg of the CIA triad model is confidentiality. The first step in this area is to provide an ability to identify a specific piece of data as confidential. Not all information is confidential, and not all information has the same level of confidentiality. Therefore, a simple task of identifying the level of “privacy” data should have can become a rather complex project.

Integrity

One of the most important concerns in data control is the “integrity” of the data; that is, the ability of the data to be accurate, reliable, and available at any given time. In order to maintain a world class business, it is a necessity to have a solid ability to modify the data available to the business, whether that data is customer and employee records, intellectual property, company policies and procedures, press releases, or the like. At the same time, it is important to ensure that the data isn’t changed by unauthorized personnel. The CIA triad leg of integrity focuses on these concerns.

Availability

When information is not available, it might as well be useless. This is the concern of the third leg of the CIA triad:  availability. In this area, the information security professional is focused on creating and maintaining a computer architecture that allows for the greater availability to the information housed on the system. One major concern is to manage the computer infrastructure from possible threats, such as malicious viruses, power outages, and failures in hardware. The second major concern is ensuring that components are maintained appropriately, providing the required health checks, and making upgrades to hardware and software as required.

for more information about CIA, and to be well prepared for your CISSP exam –  sign up for the CISSP exam preparation course:

**For Instant Access, follow these simple steps
1. Go here
2. choose your username and password and create your account
3. confirm your registration, log in and receive your  enrollment key to your exam preps instantly upon confirmation of your paypal transaction **

Previous post:

Next post: