The CIA triad, which stands for confidentiality, integrity, and availability,is a widely used information security model for guiding an organization’s efforts and policies aimed at keeping its data secure. The model has nothing to do with the US Central Intelligence Agency; rather, the initials evoke the three principles on which infosec rests:
Confidentiality: Only authorized users and processes should be able to access or modify data
Integrity: Data should be maintained in a correct state and nobody should be able to improperly modify it, either accidentally or maliciously
Availability: Authorized users should be able to access data whenever they need to do so
Considering these three principles as a triad ensures that security pros think deeply about how they overlap and can sometimes be in tension with one another, which can help in establishing priorities when implementing security policies.
Comments