Confidentiality, Integrity and Availability
Foundational principle in cybersecurity
Confidentiality — Controlled Access
- Prevents disclosure of communication between sender and receiver (data in motion) or of stored data (data at rest)
- Properly label and store sensitive information
- Some data should be encrypted based on it’s sensitivity or use
In confidentiality we worry about controlling access to our data. We need to be concerned with two different types of data that needs to be protected. We need to make sure that our data in motion is protected. Data in motion refers to data that we’re sending from one place to another. Whether this is an e-mail message or perhaps we’re uploading important files to a cloud storage provider, we need to make sure that there is encryption in place so that unauthorized.
Check the data that we are transmitting. We also need to be concerned about protecting our data at rest. Data at rest refers to data that is being stored on a storage device, whether on a hard drive, in a laptop computer, or perhaps on a USB flash drive. The goal is to secure this data to prevent unauthorized access, especially in scenarios where these devices might be located or stolen.
It is crucial to implement proper labeling and storage practices for sensitive data, with labels varying based on industry standards. For instance, in the military, data may be categorized as Top Secret, Secret, or Unclassified. The aim is to ensure that data is appropriately protected, with access restricted according to its sensitivity.
Integrity — No Unauthorized Modification
- Ensures the accuracy and consistency of information during all processing, transmission and storage to avoid changes.
- Using Encryption, Auditing, Hashing and Digital Signatures.
When we talk about data integrity, it means making sure that no one who shouldn’t mess with our information is able to change it. This is important at every step — when we’re working on our data, when we’re sending it, and when we’re storing it.
To keep our data safe, we can use tools like encryption, which is like a secret code that makes it hard for others to understand our information. We can also use something called hashing algorithms, which are like unique fingerprints for our data, helping us detect if someone tries to tamper with it.
We can set up checks to see if anyone unauthorized is trying to access our data, and we can add digital signatures to important emails and documents. Think of digital signatures like a virtual seal that ensures the document is genuine and hasn’t been messed with by someone we don’t want. These are all ways to make sure our information stays the way it should be.
Availability — Design Robustness
- Those who are authorized to access resources can do so in a reliable and timely manner — Is it up?
- Fund Systems for Redundancy, Virtualization, Cloud Computing, Incident Response Plans, Disaster Recovery
To ensure our systems are always available when our users need them, we have to keep them running smoothly all the time. We need to be ready to deal with any issues that might come up. We put measures in place to handle problems like hardware failures or power outages, making sure our systems can bounce back without a hitch. Having backup internet connections is also important to avoid any disruptions.
Thinking about virtualization makes it easier for us to set up duplicate connections and hardware, providing a safety net for our operations. We also use cloud computing services from providers to ensure our resources are always available. It’s crucial to be ready for unexpected incidents, so we have plans and teams in place to respond quickly. This includes incident response plans for dealing with issues as they come up.
Disaster recovery is something we think about too. If something major, like a fire, happens at our main site, we need to figure out how to get our operations back up and running at a different location as fast as possible, without causing problems for our employees and customers.
Our data faces various risks that can affect confidentiality, integrity and availability. To keep our information safe, we need to create plans and take actions to defend against these potential dangers.
Imagine someone standing behind you and peeking at your computer screen, taking pictures of what’s on it, or even spying on you as you type in your password. These are examples of confidentiality threats. Another one is called “man in the middle,” where someone intercepts messages between the sender and receiver, reading the contents. To protect against these risks, we need to set up controls. This includes preventing physical theft of our devices and ensuring that unauthorized people can’t just enter our building. If, by any chance, someone steals our laptop or USB flash drive, we make sure the data on them is encrypted. This way, even if they take the device, they won’t be able to access our information.
When it comes to protecting the integrity of our data, we need to watch out for unauthorized changes. Imagine someone messing with our alert system in our security setup, making it so we don’t get warnings when something’s wrong. This lets them access our data and make changes without us knowing. There’s also a risk of someone tampering with messages being sent. For instance, someone at a company sends an email asking for a payment. An attacker could change the amount and the recipient, causing the person receiving the email to send money to the wrong place. They might even mess with our accounting records or system logs to cover their tracks. That’s why we need procedures to ensure our logs stay accurate and our system configuration files aren’t messed with, reducing the chances of losing or having our data changed in a bad way.
When we talk about making sure our systems are always available, we want to ensure that users can access them when needed. To do this, we have to be ready for different challenges. Natural disasters like tornadoes or hurricanes, or even man-made disasters like someone breaking into our data center and damaging equipment, are things we need to guard against. We also worry about parts of our systems failing. So, we use things like redundant hardware, where a server has two power supplies. If one fails, the other can still keep the server running until we fix it. Even terrorist attacks are a concern, and we need plans in place to switch our operations to a different location if needed. There’s also the threat of cyberattacks, like Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks. In a DoS attack, someone tries to take a system offline or stop authorized people from accessing it. In a DDoS attack, the attacker uses lots of computers to overwhelm and shut down a single target. We need controls in place to defend against these and make sure our operations can continue even if there’s an attack.
The Dad Triad is a simple way to remember the threats to our CIA triad. On the exam, you’ll likely encounter questions about these threats, and the D-a-d Triad is a handy way for recall.
- Disclosure (D): This is a breach in our confidentiality. If we share information with someone not allowed, we haven’t maintained the confidentiality of our data.
- Unauthorized Modification (A): This occurs when someone alters our data without permission, leading to a loss of data integrity.
- Denial (D): If an attacker can block access to our system, it’s a breach in availability. Remember, D for Denial in the D-a-d Triad.
In conclusion, understanding and implementing the principles of Confidentiality, Integrity, and Availability (CIA) form the foundational pillars of cybersecurity. Safeguarding sensitive information, preventing unauthorized access, and ensuring data remains unchanged are crucial elements in maintaining the security and reliability of our systems. The Dad Triad serves as a simple mnemonic device to recall the key threats to the CIA triad — Disclosure, Unauthorized Modification, and Denial. As we navigate the ever-evolving landscape of cybersecurity challenges, a comprehensive approach that includes robust measures for data protection, system resilience, and incident response is essential. By staying vigilant and proactive, we can fortify our defenses against potential risks, securing the confidentiality, integrity, and availability of our valuable information.