CIA triad

Security is an integral part of our digital ecosystem.  From simple tasks like installing anti-virus software on personal or professional systems, or ensuring that our systems are not hacked, or even more complicated tasks like pen-testing, security is omnipresent and is all pervasive.  Data warehousing, databases, social media or new kid on the block(like Big Data, Digital marketing) all need security consultants to make sure that their business is running smoothly.

The CIA triad is the basic and most fundamental aspect of Information Security. It is the cornerstone on which every information security concept is built. The ‘C’ in the CIA triad stands for ‘Confidentiality’, while the ‘I’ stands for ‘Integrity’ and ‘A’ stands for ‘Availability’. We explore these fundamental concepts in detail in this post.

Confidentiality:

‘Confidentiality’ is making sure that the information that is sent from the sender to the receiver is indeed received by the receiver and no one else. This aspect of information security ensures that the information flows strictly between the sender and the receiver only. ‘Confidentiality’ is making sure that the information does not fall into wrong hands. Consider the example of a credit card – ‘confidentiality’  makes sure that the credit card information is not sniffed by miscreants who might misuse it and cause personal and financial losses to an individual. ‘Confidentiality’ also plays a role in keeping personal information such as banking information or medical information absolutely private.

 

Integrity:

‘Integrity’ ensures that none of the information that is sent from the sender to the received is tampered in transit. Considering the  case of a  credit card again – ‘integrity’ makes sure that none of the information in the credit card is tampered or altered in transit. In this age of total digital transactions,  it is absolutely imperative for integrity of data to be upheld. For the presence or absence of a small zero  at the end of number can make a lot of difference in business transactions( eg. if 500$ is charged as 5000$?!!)

 

Availability:

‘Availability’ is making sure that the information is available where and when we need it.  ‘Information is power’ is today’s motto. Information is needed at all times of the day.The more information that a business has about a customer or the more information a customer has about a business, he/she has more advantage over their peers or competitors.   Whether it is checking on the reservation status of bookings, social media update information checks, information generated from data mining, it is information, information all the way! ‘Availability is making sure that this information is available uninterrupted.

We saw the three basic tenets of Information security in this post. Join me as I explore more aspects of Information security in the next post!

 

Images source: Google images

 

6 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *