CIA Triad

This is a very important IT Security principal. Considering these 3 factors we can help guide the design of a system.

Confidentiality

How important is it that only people who are suppose to access the data and no one else? If the information is very sensitive then technology such as authentication, authorisation, access control and encryption should be considered.

Integrity

How important is it that the data is accurate and isn’t, and does not get corrupted. Technologies such as RAID, checksums and backups should be considered.

Availability

How important is it that the system be available. If you need a system that needs to be up all the time, even if a problem occurs, technologies such as redundancy, high availability clusters and disaster recovery should been considered.