The AIC Triad
The AIC Triad is an acronym that stands for Availability, Integrity, and Confidentiality; these are the three core principles when dealing with IT security. Availability is based on the concept of when a person wants the information that person able to have it and does not have to wait too long or the information is not destroyed. Integrity involves only who can edit the valuable information. Confidentiality is mainly the restrictions set upon who can actually see the information as well as who is allowed to modify or delete that information as well. Even though each of these principles are valuable to IT security, the most important one of them all is Confidentiality because there has to be a set limit to how much information a person is able to see when he/she is logged into a secure system. Confidentiality limits how much access a person has to certain information. For example, a janitor would not have as much access to the secret information of a company as say the IT specialist of that company. The most accurate way to ensure that the data has not been compromised is to set restrictions on every person that is hired into the business and only allow people to have access to the information that will
…show more content…
allow them to complete their assigned job and nothing more. By doing this you get lessen the chances of secret data leaking out due to a company or business’ weak link, human workers. If there was no Confidentiality in every company’s system then anyone would be able to login to a system at the company and obtain all of the private data.
According to article 1 Information Security and the CIA Triad by Mase Consulting, it states “sensitivity implies confidentiality” this means any sensitive or private data need to be secured with the principle of confidentiality. The article “The CIA Triad by Chad Perrin” speaks about how to protect the confidentiality of your information by stating, “Protecting confidentiality hinges upon defining and enforcing appropriate access levels for information”. In short if you do not make an effort to secure your information by setting restriction levels on your information then al your private data is up for
grabs. In conclusion confidentiality is the most important AIC Triad principle because protecting your data from unauthorized people helps to ensure there are no leaks in your system. Availability is a decent second though it only talks about how much the information is available to the workers. Integrity is almost the same as confidentiality, in the sense that both ensure that data cannot be modified or deleted by unauthorized personnel. All in all, having confidentiality makes you sure that no one who is unauthorized is looking at data that he/she is not supposed to and overall helps with the security of your company.
allow them to complete their assigned job and nothing more. By doing this you get lessen the chances of secret data leaking out due to a company or business’ weak link, human workers. If there was no Confidentiality in every company’s system then anyone would be able to login to a system at the company and obtain all of the private data.
According to article 1 Information Security and the CIA Triad by Mase Consulting, it states “sensitivity implies confidentiality” this means any sensitive or private data need to be secured with the principle of confidentiality. The article “The CIA Triad by Chad Perrin” speaks about how to protect the confidentiality of your information by stating, “Protecting confidentiality hinges upon defining and enforcing appropriate access levels for information”. In short if you do not make an effort to secure your information by setting restriction levels on your information then al your private data is up for
grabs. In conclusion confidentiality is the most important AIC Triad principle because protecting your data from unauthorized people helps to ensure there are no leaks in your system. Availability is a decent second though it only talks about how much the information is available to the workers. Integrity is almost the same as confidentiality, in the sense that both ensure that data cannot be modified or deleted by unauthorized personnel. All in all, having confidentiality makes you sure that no one who is unauthorized is looking at data that he/she is not supposed to and overall helps with the security of your company.