CIA Triad

 ·   1 min read

This is a very important IT Security principal. Considering these 3 factors we can help guide the design of a system.


How important is it that only people who are suppose to access the data and no one else? If the information is very sensitive then technology such as authentication, authorisation, access control and encryption should be considered.


How important is it that the data is accurate and isn’t, and does not get corrupted. Technologies such as RAID, checksums and backups should be considered.


How important is it that the system be available. If you need a system that needs to be up all the time, even if a problem occurs, technologies such as redundancy, high availability clusters and disaster recovery should been considered.