What is the CIA triad? [CHAPTER - 1]
The CIA triad, also known as confidentiality, integrity, and availability, is a concept created to direct information security policies inside a company. To avoid confusion with the Central Intelligence Agency, the approach is sometimes frequently referred to as the AIC triad (availability, integrity, and confidentiality). Although the CIA triad's components are three of the most fundamental and important cybersecurity requirements, experts think the triad has to be updated to be effective.
In this context, availability refers to a commitment that the information will be dependable for use by authorized individuals, integrity refers to the assurance that the information is trustworthy and accurate, and confidentiality refers to a system of rules that restrict access to information.
Special training for those who have access to sensitive documents is often required to protect data confidentiality. Authorized individuals can benefit from training to become more familiar with risk factors and preventative measures. Strong passwords, password-related best practices, and knowledge of social engineering techniques are possible additional components of training to deter users from violating data handling policies with good intentions and potentially devastating outcomes.
Requiring an account number or routing number while banking online is a good illustration of a strategy used to protect confidentiality. Another popular technique for protecting confidentiality is data encryption. Two-factor authentication (2FA) is starting to replace the conventional practice of using user IDs and passwords. Security tokens, key fobs, and biometric verification are other choices.
Documents that contain highly sensitive information may require additional security precautions, such as storage solely on air-gapped computers, disconnected storage devices, or in physical copy form.
- Data should be handled based on the organization's required privacy.
- Data should be encrypted using 2FA.
- Keep access control lists and other file permissions up to date.
These security measures include user access restrictions and file permissions. Version control can be used to stop authorized users from making mistakes or accidentally deleting things. Organizations must also provide some method for detecting any data changes that can happen from non-human events like an electromagnetic pulse (EMP) or server crash.
Checksums, including cryptographic checksums, may be used in data to verify its integrity. To restore the impacted data to its original condition, backups or redundancies must be accessible. Additionally, by using digital signatures to provide effective protection, it is impossible to dispute the evidence of logins, messages transmitted, and the reading and sending of electronic documents.
Ensure employees are knowledgeable about compliance and regulatory requirements to minimize human error.
Use backup and recovery software.
To ensure integrity, use version control, access control, security control, data logs and checksums.
Ensure nobody can modify data without proper authorization.
The best ways to do this are to keep all hardware under strict maintenance, fix any hardware issues as soon as they arise, and maintain a stable OS environment free of software conflicts. Additionally, it's critical to stay up to date on all required system upgrades. Equally crucial strategies include ensuring sufficient communication capacity and avoiding bottlenecks. When hardware problems do arise, redundancy, failover, RAID, and even high-availability clusters can help to prevent major repercussions.
For the worst-case scenarios, quick and adaptable disaster recovery is crucial; this capability depends on the presence of a thorough DR plan.
Use preventive measures such as redundancy, failover and RAID. Ensure systems and applications stay updated.
Use network or server monitoring systems.
Ensure a data recovery and business continuity (BC) plan is in place in case of data loss
Ensure that nothing takes down the server