Confidentiality, Integrity, and Availability

CIA Triad

Information security is best approached from the base of the CIA Triad (or Triangle), beginning with the basics: Confidentiality, Integrity, and Availability.

Confidentiality: A set of rules or a promise that limits access or places restrictions on certain types of information. In short, keeping your secrets secret.

Integrity: In information security, data integrity means maintaining and assuring the accuracy and consistency of data over its entire life-cycle. This means that data cannot be modified in an unauthorized or undetected manner. Integrity is violated when a message is actively modified in transit. Information security systems typically provide message integrity in addition to data confidentiality.
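
To make "undetected" modification concrete, the following added example (not part of the original page) compares an unkeyed SHA-256 checksum with a keyed HMAC-SHA256 tag when a message is altered in transit. The key, the message and all function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values for this example (not from the original page).
SHARED_KEY = b"example-key-known-only-to-sender-and-receiver"
MESSAGE = b"transfer 100 to account 12345"


def checksum(message: bytes) -> bytes:
    """Unkeyed SHA-256 digest: detects accidental corruption only."""
    return hashlib.sha256(message).digest()


def checksum_verify(message: bytes, digest: bytes) -> bool:
    return hmac.compare_digest(checksum(message), digest)


def mac(message: bytes, key: bytes) -> bytes:
    """HMAC-SHA256 tag: computing a valid one requires the shared key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def mac_verify(message: bytes, tag: bytes, key: bytes) -> bool:
    # compare_digest runs in constant time, so the check leaks no timing hints.
    return hmac.compare_digest(mac(message, key), tag)


def modify_in_transit(message: bytes) -> bytes:
    """Simulates the active modification of a message in transit."""
    return message.replace(b"100", b"900")


def demo() -> dict:
    altered = modify_in_transit(MESSAGE)
    original_tag = mac(MESSAGE, SHARED_KEY)
    return {
        # Whoever alters the message can recompute an unkeyed digest,
        # so the receiver's check still passes: modification is undetected.
        "checksum_accepts_altered": checksum_verify(altered, checksum(altered)),
        # The untouched message verifies against its HMAC tag.
        "mac_accepts_original": mac_verify(MESSAGE, original_tag, SHARED_KEY),
        # The altered message no longer matches the tag sent with it,
        # and a fresh valid tag cannot be computed without the key.
        "mac_accepts_altered": mac_verify(altered, original_tag, SHARED_KEY),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
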

Availability: For any information system to serve its purpose, the information must be available when it is needed. This means that the computing systems used to store and process the information, the security controls used to protect it, and the communication channels used to access it must be functioning correctly. High availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades. Ensuring availability also involves preventing denial-of-service attacks, such as a flood of incoming messages to the target system essentially forcing it to shut down.