A fundamental law which clearly explain how the information assets need to be secured, It broadly classified into three major types
Confidentiality
Integrity
Availability
Confidentiality
The process or an technique to protect/defend against any form of un-authorized access to an information, information such as Excel sheet, word documents even an printed paper, in-general information are sensitive in nature and more valuable assets to the organizations.
Note: Information are set of processed data, its an combination of analyzing and interpreting pieces of RAW data presented in a meaningful context read more
Confidentiality can be achieved by
To achieve confidentiality several procedure needs to be followed
Encryption
Access Control
Authentication
Authorization
Physical security
Integrity
The process or an technique to protect/defend against any form of un-authorized modification to an information, modification such as [updating or editing original data]
these techniques are used to achieve trustworthiness and tamper free data.
Integrity can be achieved by
Access control
checksums
Integrity monitoring
Availability
The process or an technique to maintain constant available of information, this can be achieved maintaining the hardware/software
the data must be accessible to the user when they are required
Availability can be achieved by
Maintaining the hardware/software
Data backup
Implementing RAID
Summary
Information's are the key assets to an organizations, it need some fundamental law which clearly explain how the information assets need to be secured, these can be achieved by CIA triad.
Comments