The fundamental concepts of security are confidential, integrity and availability which are known as CIA triad. Security measures are taken to protect these secure fundamentals.
Confidentiality â€“ is about protecting data from disclosure to unauthorized users. Information is so valuable that it needs to be taking care, considering an example of bank accounts, credit card information, valuable government information, etc. In such cases, only Encryption plays a prominent role to secure the information. With encryption, no one can read the key except the machine. Encryption is a process of generating random alphanumeric characters which can be decrypted by a machine. While using internet SSL/TLS are the protocols used to ensure security.
Integrity â€“ The integrity of information refers to protecting information from being modified by unauthorized parties (Chia, 2012). Being said that what if the information is being corrupted? During Sep 2016, Wells Fargo employee (developer) created fake millions of accounts to juice bankâ€™s books. If information is not consistent while transit then there can be serious issues. This can be avoided by implementing checksums, cryptography or electromagnetic pulse for validating integrity.
Availability – Availability of information refers to ensuring that authorized parties are able to access the information when needed (Chia, 2012). Important information should be accessed by the right individual. What if some valuable information is accessed by unauthorized users? â€“ it can cause some damage. There authentication and authorization are the crucial elements to protect information. What if that valuable information is available to hackers? Or what if some valuable data is lost with server crash? So upgrading systems, creating a data recovery plan, backup, etc can prevent from data loss. Investing in firewalls setup and proxy servers can guard against denial of service attacks.
Confidentiality: In this step only the authorized will be able to access the data. Unauthorized people won’t be able to access our data. Example while working in a IT industry even though we are part of a huge team you will be able to see only the data on the module which we are working. In order to view documents or folders belonging to other teams , you won’t have access to them. In order to view the data we need to request access and provide the justification. Then only you will be able to access them depending on the need.
Depending on the people who are receiving our data, the severity will be increased.Depending on the access of information to the undisclosed recipients and the extent they use our data it will adversely impact the organization or individual.
Once the data is accessed by the unauthorized persons they can tamper the data to the extent they need. This will have adverse effects depending on the situation. In some crucial cases this tampering or destruction can lead to difficult situations. They were so many instances due to this many personal and organizations have been affected.
In wireless communication if the information is available to any third parties or agencies the Nation security will be at risk. This impact can be on any field like military , banks and armed forces. So always the data should be protected and only the right people should have access to the data.
By applying the CIA principles the confidentiality, Integrity and the availability are secured. Information security can provide unauthorized users of not accessing the data . Therefore the data is not modified and the authenticity of the data can be kept.