The CIA triad is an information systems security term that refers to the critical task of data protection. The core goal of information security is to assure the confidentiality, integrity and availability of all the sensitive data kept by an organization. That’s critical for the continuity of business operations, as well as legally and ethically required.
So what is the CIA triad?
It provides for safely using paper- and computer-based data systems, email, fax machines, telephones, web browsers, and even just talking out loud through the provision of:
Confidentiality of data – where you ensure that critical data is only accessed by people with proper approval and on a need to know basis.
Confidentiality is related to the broader concept of data privacy – the act of limiting access to Personally Identifiable Information (PII). In the US, a range of state and federal laws, with abbreviations like FERPA, FSMA, and HIPAA, set the legal terms of privacy.
