Overview
This lecture introduces the CIA triad (confidentiality, integrity, and availability), which forms the foundation of information security policies.
The CIA Triad
- The CIA triad stands for confidentiality, integrity, and availability in information security.
- The triad is a key model for designing both workplace and personal security policies.
Confidentiality
- Confidentiality means keeping data hidden from unauthorized users.
- Password protection is a common method to ensure confidentiality.
- Access to sensitive information should be limited to only those who need it.
Integrity
- Integrity ensures that data remains accurate and unaltered during storage or transmission.
- Changes in file size or unexpected content may indicate a loss of integrity and potential danger.
- Integrity protects against tampering and corruption of data.
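An added example, not part of the lecture, of the integrity check described above: it records each file's size and SHA-256 hash as a known-good baseline, then reports files whose size or content has changed. The function names and the sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile

def fingerprint(path):
    """Return (size_in_bytes, sha256_hex) for one file."""
    with open(path, "rb") as fh:
        data = fh.read()  # fine for small files; read in chunks for large ones
    return len(data), hashlib.sha256(data).hexdigest()

def check_integrity(baseline):
    """Compare current files against {path: (size, sha256)}; return {path: status}."""
    report = {}
    for path, (old_size, old_hash) in baseline.items():
        if not os.path.exists(path):
            report[path] = "missing"
            continue
        size, digest = fingerprint(path)
        if size != old_size:
            report[path] = "size changed"
        elif digest != old_hash:
            # Same length, different bytes: a size-only check would miss this.
            report[path] = "content changed"
        else:
            report[path] = "ok"
    return report

def demo():
    """Run the check on constructed sample files in a temporary directory."""
    with tempfile.TemporaryDirectory() as d:
        files = {n: os.path.join(d, n) for n in ("a.txt", "b.txt", "c.txt", "d.txt")}
        for p in files.values():
            with open(p, "wb") as fh:
                fh.write(b"pay 100 to alice\n")
        baseline = {p: fingerprint(p) for p in files.values()}  # known-good state
        with open(files["b.txt"], "ab") as fh:  # appended data: size grows
            fh.write(b"extra\n")
        with open(files["c.txt"], "wb") as fh:  # same length, altered amount
            fh.write(b"pay 900 to alice\n")
        os.remove(files["d.txt"])  # file deleted
        result = check_integrity(baseline)
        return {name: result[path] for name, path in files.items()}

if __name__ == "__main__":
    print(demo())
```

The baseline itself has to be stored where the files' editor cannot rewrite it, otherwise a tampered file and a matching new fingerprint pass the check together.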
Availability
- Availability means that authorized users can access information when needed.
- Being prepared for data loss or system downtime supports availability.
- Some security attacks aim to make data or systems unavailable, sometimes demanding ransom.
Importance of CIA in Security
- All aspects of information security relate back to at least one principle of the CIA triad.
- Understanding and applying the CIA triad helps prevent and respond to security attacks.
Key Terms & Definitions
- CIA Triad: The model of confidentiality, integrity, and availability guiding information security.
- Confidentiality: Protecting information from unauthorized access.
- Integrity: Maintaining the accuracy and trustworthiness of data.
- Availability: Ensuring information is accessible to authorized users when needed.
Action Items / Next Steps
- Remember the three principles of the CIA triad throughout the course.