The CIA Triad is a widely known model in information security, representing the three core principles that guide security policies and practices.
Components
Confidentiality
- Refers to the act of preventing unauthorized access to data
- Examples: multi-factor authentication, encryption, passkeys
Integrity
- Refers to the act of ensuring data is valid and untampered
- Example: Git verifying commit hashes
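
The Git example above, worked through as an added illustration (not part of the original notes): a commit's ID is a hash over its own bytes, including its parent's ID, so changing any stored commit is detectable by re-hashing. It assumes Git's default SHA-1 object format; the in-memory `store`, the function names, and the author identity and timestamp are constructed for the example.

```python
import hashlib
from typing import Optional

def git_object_id(obj_type: str, body: bytes) -> str:
    # Git's SHA-1 object format: sha1(b"<type> <size>\0" + body)
    header = f"{obj_type} {len(body)}".encode() + b"\x00"
    return hashlib.sha1(header + body).hexdigest()

def commit_body(tree: str, parent: Optional[str], message: str) -> bytes:
    # Constructed identity and timestamp (assumption for this example).
    who = "Example Dev <dev@example.com> 1700000000 +0000"
    lines = [f"tree {tree}"]
    if parent:
        lines.append(f"parent {parent}")
    lines += [f"author {who}", f"committer {who}", "", message]
    return ("\n".join(lines) + "\n").encode()

def parent_of(body: bytes) -> Optional[str]:
    # Header lines come before the first blank line; the message follows it.
    for line in body.decode().split("\n\n", 1)[0].splitlines():
        if line.startswith("parent "):
            return line.split(" ", 1)[1]
    return None

def verify_history(store: dict, head: str) -> list:
    """Walk parent links from head; return IDs whose bytes no longer hash to that ID."""
    bad, cur = [], head
    while cur is not None:
        body = store.get(cur)
        if body is None:            # referenced commit is missing entirely
            bad.append(cur)
            break
        if git_object_id("commit", body) != cur:
            bad.append(cur)
        cur = parent_of(body)
    return bad

def build_demo():
    # Two-commit history over the empty tree, stored by object ID.
    tree = git_object_id("tree", b"")
    first = commit_body(tree, None, "initial commit")
    id1 = git_object_id("commit", first)
    second = commit_body(tree, id1, "add feature")
    id2 = git_object_id("commit", second)
    return {id1: first, id2: second}, id1, id2

if __name__ == "__main__":
    store, id1, id2 = build_demo()
    print("clean history:", verify_history(store, id2))
    store[id1] = store[id1].replace(b"initial", b"altered")  # simulate tampering
    print("after tampering:", verify_history(store, id2))
```

Because the second commit embeds the first commit's ID, an altered first commit cannot keep its old ID, and giving it a new one would change the ID of every descendant as well.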
Availability
- Refers to the practice of ensuring systems and data are accessible when needed
- Example: redundant storage
Why it matters
- Balancing the triad is key: maximizing one often impacts the others