The three components of CIA triangleare Confidentiality, Integrity and Availability. The basic principle of whythis model was designed is to follow guiding principles to secure informationof an Organization.
Confidentiality has a set of rules which limits the accessof information. This way only the authorized persons will have access toinformation. Integrity is to make sure the information is clean, trustworthyand accurate. In this case no one can over write the original information forbeneficiary purposes.
Availability is to guarantee the access to only thereliable persons.Confidentiality: This component of CIA triangleis almost similar to privacy in terms of accessing the information only toauthorized persons. Certain protocols and measures are taken to make sure only the right peoplecan access and others cannot have access. The process of securing data involvesto categorize according to the type and amount of data because it may causetrouble when it is read by unauthorized persons.
Special training is necessaryto protect and secure information. The purpose of training will familiarizeauthorized person about the risk factors and how to safe guard against them.Protecting the information encourages customers to have a strong passwords to preventothers from miss-handling the information and cause disastrous results.Good and simple example is how to access your Gmail account. User isencouraged to set strong passwords, 3 step verifications etc. Entering thepassword is just not enough to login to an account, security code will be sentto the phone number which was registered as primary contact number at the timeof creating the account. Also when logging in with the same device we can savethe passwords and security questions. But logging in with other devices willagain requires a password and step 2 & 3 verifications where few questions needto be answered.
Integrity: This componenthelps in maintaining the information trustworthy and accurate throughout theprocess of life cycle. During the process of life cycle steps and measures aretaken care of that data is not altered, transferred and manipulated by anyone.System may generate some errors in data while migrating or updating due to theversions and file permissions. Certain steps need to be followed to not allowsuch kind of errors to happen in data. Example: Organizations that use SQL Server toolas their database to protect and access their data, when updates are requiredto the tool, the system engineers are trained to make sure follow certain guidelines to migrate the tool with no change in data. Also protect frommanipulation of data or any system generate errors. Few cases where users willhave no access to tool which indicates transition of data is unsuccessful.
Soto avoid such situations back up plan is always required and helpful. Availability: This component of CIA triangle isto make sure the data is available at the right time when it is needed. Having able to access the informationwhen user needs to is the priority of this component. This component will be able to function only when all thesystem related and remaining components are working properly. Due to issueslike not granting access to authorized people, information not being availableto users when needed, wrong information is displayed when user access or noinformation at all when user’s access will make the process of securinginformation fail.
This component willtake effective measures to protect the information and ensure that informationis available to right people at right time. Example: Accessing the bank account. People accessbank account to look at their account activities. What if no information isavailable or incorrect information is displayed. High chances of losing trustin the Organization and their security measures.
