Confidentiality, integrity and availability, an abbreviation of CIA Triad, is a model design that highlight core data security objective within an organization to keep their sensitive data protected from unauthorized access.
Fundamentals of CIA Triad:
By name of the model, it is not connected with the Central Intelligence Agency for sure. The following is a breakdown of the three key components that form the CIA triad:
Confidentiality:
It prevents the disclosure of data to unauthorized people so that only authorized people can access data. An example would be that your medical history only available to your doctor and nobody else. It also tends to encrypt data to keep it confidential.
Integrity:
Integrity measures protect information from unauthorized alteration. These measures assure the accuracy and completeness of data. The need to protect information includes both data that is stored on systems and data that is transmitted between systems such as email. The information can’t be tempered from initial source to destination or even at rest.
Availability:
In order for an information system to be useful, it must be available to authorized users. Availability measures protect timely and uninterrupted access to the system. Some of the most fundamental threats to availability are non-malicious in nature and include hardware failures, unscheduled software downtime, and network bandwidth issues.
Why the CIA Triad is important?
While talking about the CIA Triad, it is a foundational principle in cybersecurity that can help or guide the architectural development of the security system in an organization.
Like other security models, the CIA Triad
has a critical point of view. For instance, data is the
the center point around which you should structure your security models.
Some other models like identification management, data classification, access management, user behavioral analytics (UBA), focuses on security management modules. By implementing different approaches to your security model you’re able to deter or counter cyber threats from the highly advanced security structure.
The components of the CIA triads have been
linked as an interconnected system, rather than as independent concepts, which
help the organizations to understand the relationship between the three
fundamental cores.
Challenges for the CIA Triad:
Big Data poses a challenge to the CIA paradigm because of the immense amount of data that needs to be safeguarded. In the growing era of technology, the devices were adding to the increasing stream of data in various formats. As the primary purpose of handling big data is to collect and make interpretations of all of the information, responsible oversight can be a major concern.
Internet of Things privacy and security is another concern of challenge. Over the years more internet devices enabled on the market, which can remain unpatched or use fragile passwords. While many devices don’t transmit sensitive information, it’s feasible for an attacker gathers enough information from each endpoint, analyze it, and reveal information you would rather keep private.
Other than the CIA triad, there is a certain aspect that exists in information security:
·
Non-Repudiation:
is the assurance that someone can’t deny something.
· Authentication: is the process of recognizing a user’s identity.
· Authorization: is the next step in the login process, which determines what a user can do and see on your website.
I read your article and learned something new as a result of reading it. Its really quite useful and unique. Keep posting like this..
ReplyDeleteISO 27001 Consulting Services
Cybersecurity Company in Bangalore
Penetration testing services
SOC Monitoring Service Provider
IT infrastructure services in Bangalore
AMC services in Bangalore