2. Confidentiality
Information is kept confidential or secret from unauthorized users or from
people who are not allowed to see it. For example, credit card transactions
over the internet. As a transaction is made the credit card number is encrypted
by restricting access to the credit card number and users information.
Integrity
Information can not be modified without detection. Integrity ensures that the
data stored is correct and that no one has altered the data in any way. Data
sent back and forth use protection methods such as hashing and checksums.
The data needs to be protected from modification and deletion by
unauthorized users as well as user mistakes such as file deletion.
3. Availability
The information created and stored by an organization needs to be available
to authorized users and applications. If data is lost it can be restored using
Availability. Information needs to be be accessible and well taken care of.
Things should be maintained such as redundancy, backups and recovery
features. There should also be some good protection against threats placed
on the system as well.
Technicians should also be trained in proper disaster recovery and backup
plans.
Environmental issues are also a large part of Availability, issues such as
extreme cold and extreme heat can cause big problems with sensitive
equipment.
4. It takes an equal
combination of all
three, confidentiality,
integrity and
availability to have a
properly running
infrastructure whereas
security is directly in
the middle of the triad.