Overview
This lecture introduces the CIA triad—confidentiality, integrity, and availability—as the foundational model for information security policies.
The CIA Triad
- The CIA triad stands for confidentiality, integrity, and availability in information security.
- These principles guide the creation of workplace and personal security policies.
Confidentiality
- Confidentiality means keeping information hidden from anyone who is not authorized to access it.
- Password protection is a common method of ensuring confidentiality.
- Only people who need access to data should know how to gain it.
Integrity
- Integrity means data remains accurate and untampered with during transmission or storage.
- Changes in file size or unexpected alterations can signal compromised integrity.
- Ensuring integrity protects against unwanted or unsafe modifications to data.
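The check described in the integrity bullets above, as an added example that is not part of the original lecture: it records a known-good baseline for a set of files and later reports which ones changed. It goes one step beyond the file-size signal by also comparing a SHA-256 hash, so an alteration that leaves the size unchanged is still caught. The file names and contents are constructed sample data.

```python
import hashlib
import tempfile
from pathlib import Path

def fingerprint(path):
    """Return (size_in_bytes, sha256_hex) for one file (read whole; fine for small files)."""
    data = Path(path).read_bytes()
    return len(data), hashlib.sha256(data).hexdigest()

def build_baseline(paths):
    """Record the known-good state of each file."""
    return {Path(p): fingerprint(p) for p in paths}

def check_integrity(baseline):
    """Compare current files to the baseline; return {file name: status}."""
    report = {}
    for path, (old_size, old_hash) in baseline.items():
        if not path.exists():
            report[path.name] = "missing"
            continue
        size, digest = fingerprint(path)
        if size != old_size:
            report[path.name] = "size changed"
        elif digest != old_hash:
            report[path.name] = "content changed (same size)"
        else:
            report[path.name] = "ok"
    return report

def demo():
    """Constructed sample files: untouched, grown, altered in place, deleted."""
    with tempfile.TemporaryDirectory() as tmp:
        a, b, c, d = (Path(tmp, n) for n in ("a.txt", "b.txt", "c.txt", "d.txt"))
        a.write_bytes(b"payroll total: 1000\n")
        b.write_bytes(b"invoice 17\n")
        c.write_bytes(b"pay account 1234\n")
        d.write_bytes(b"audit log\n")
        baseline = build_baseline([a, b, c, d])
        b.write_bytes(b"invoice 17\nextra line\n")  # file grows
        c.write_bytes(b"pay account 9999\n")        # same length, different bytes
        d.unlink()                                  # file removed
        return check_integrity(baseline)

if __name__ == "__main__":
    for name, status in demo().items():
        print(f"{name}: {status}")
```

The baseline itself has to be stored somewhere the files' writers cannot modify, otherwise a change to both goes unnoticed.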
Availability
- Availability ensures information is accessible to authorized users when needed.
- System backups and preparations help maintain availability during outages or attacks.
- Security attacks may target availability by disrupting services or holding systems hostage for ransom.
Key Terms & Definitions
- Confidentiality — Keeping data hidden from unauthorized users.
- Integrity — Ensuring data is accurate and unaltered.
- Availability — Guaranteeing authorized access to data and systems when required.
- CIA Triad — The three core principles (confidentiality, integrity, availability) guiding information security.
Action Items / Next Steps
- Reflect on ways confidentiality, integrity, and availability apply to your own digital environments.
- Prepare to see examples of the CIA triad in future course materials.