Skip to main content

Use the CIA triad to protect organizations

The CIA triangle is a concept that can assist organisations think about risk while developing systems and security policies. It consists of three components that cybersecurity analysts and organisations strive to maintain: confidentiality, integrity, and availability. Maintaining an acceptable level of risk and ensuring that systems and policies are developed with these factors in mind aids in the establishment of a successful security posture, which refers to an organization's ability to manage its defence of key assets and data as well as respond to change. 

Confidentiality

The concept of confidentiality states that only people with permission can access particular resources or data. The application of design principles, such as the concept of least privilege, can improve secrecy inside an organisation. The least privilege principle restricts users' access to only the data they need to finish tasks relevant to their jobs. One technique to keep private data secure and secret is by limiting access. 

Integrity

Integrity refers to the notion that the data is authentic, verifiably correct, and trustworthy. It is crucial to have protocols in place to check the validity of data. Cryptography, which is used to modify data so that unauthorised parties cannot read it or tamper with it, is one method of confirming data integrity (NIST, 2022). The process of transforming data from a readable format to an encoded format, known as encryption, is another illustration of how a company could implement integrity. Data, such as messages on a company's internal chat platform, can be protected by encryption to prohibit access and ensure that it cannot be altered.  

Availability

The concept of availability states that users who have permission to view the data can do so. Data can be used when necessary when a system abides by the availability and confidentiality criteria. In the workplace, this can imply that the company permits distant workers to access its internal network and carry out their duties. It's important to note that, based on the level of access that employees require in order to do their duties, access to data on the internal network is still restricted. For instance, a worker in the accounting division of the company might require access to corporate funds but not to information on ongoing development initiatives. 

Comments

Post a Comment

Popular posts from this blog

Compile OpenSSH 9

Install  yum install rpm-build zlib-devel openssl-devel pam-devel libselinux-devel gcc perl-devel libXt-devel gtk2-devel make -y wget -c https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.3p2.tar.gz ./configure --with-pam --with-selinux --with-privsep-path=/var/lib/sshd/ --sysconfdir=/home/saz163user/ssh ./configure make make install
Post a Comment
Read more

People who like to be alone

People who enjoy being alone and seek solitude may exhibit a variety of personality traits. Here are some potential traits that may be present in individuals who prefer to be alone:     Independence: People who enjoy being alone may value their independence and may be comfortable making decisions and going about their daily lives on their own. They may be self-motivated and able to entertain themselves without the need for external stimuli.     Introversion: Many people who enjoy being alone may be introverted, meaning that they tend to be more inwardly focused and may get their energy from solitude rather than social interactions. Introverts may prefer to spend time alone thinking, reading, or engaging in solitary activities.Creativity: Being alone can provide an opportunity for people to tap into their creativity and to engage in activities that allow them to express themselves. People who enjoy being alone may be more inclined to engage in creative pursu...
Post a Comment
Read more