I’m studying and need help with a Computer Science question to help me learn.
Confidentiality is nothing but privacy that needs to be protected by taking measures to prevent sensitive information from reaching wrong people. Only people who have access to the data should be able to protect the amount and type of damage that could be done should it fall into unintended hands. Sometimes safeguarding data confidentiality may involve special training for those privy to such documents. Such training would typically involve security risks that could threaten this information. Training can help familiarize authorized people with risk factors and how to guard against them. There should be involvement of strong passwords and password-related best practices and information about social engineering methods, to prevent them from bending data-handling rules with good intentions and potentially disastrous results.
Integrity involves maintaining the consistency, accuracy and trustworthiness of data over its entire life cycle. Data must not be changed in transit, and steps must be taken to ensure that data cannot be altered by unauthorized people. In this it includes file permissions and user access controls.
Availability is best ensured by rigorously maintaining all hardware, performing hardware repairs immediately when needed and maintaining a correctly functioning operating system environment that is free of software conflicts. To prevent data loss from such occurrences, a backup copy may be stored in a geographically-isolated location.
All these 3 are important in management and it’s an important security concept because all security controls, mechanisms and safeguards are implemented to provide one or more of these protection types. All risks, threats and vulnerabilities are measured for their potential capability to compromise one or all of the CIA principles. This will create a plan for protecting the organizational security and its critical assets.
Shabtai, A., Elovici, Y., & Rokach, L. (2012). Introduction to Information Security. In A Survey of Data Leakage Detection and Prevention Solutions (pp. 1-4). Springer US.