Security is a constant demand for all the organization, companies, SMBs, startups or an individual. There has been repeated incidents of data theft, hacking, malware, and several cyber attacks. Hence it has been the worst nightmare for the IT professional to compromise on the IT security of their company. Here in this proceeding brief, we will discuss the best practices and principles that must be followed to keep the IT security soundproof and the systems safe.
There are several principles of Information security. The most common to use are confidentiality, integrity, and availability which is also known as CIA Triad. Let us learn these core principles in detail here.
CIA Triad
Confidentiality
Confidentiality is the term used to prevent the access of the information to unauthorized individuals or the systems. Confidentiality breach takes place in several forms. If the confidential information related to the company is stored in the laptop, system or a server is being accessed by the someone without any authorization is called as the breach of confidentiality. Giving out the confidential information over the telephone is called the breach of confidentiality if the caller is not authorized to have the information.
Integrity
In Information security, integrity means that the data cannot be altered or modified without any authorization from the administrator. This is not the same as referential integrity in databases. Integrity is violated when the employees accidentally or with malicious intention deletes the important data files and folders; the computer is affected by the virus when an employee can modify the important documents and many more.
Availability
For any information prevalent, the information must be available as and when it is needed. This leads that the computing or storage systems used to store and process the information along with the security controls and communication channel should function smoothly. High availability of data to remain available at any time and must avoid several disruptions like power outage, hardware failure system failure. It should also involve preventing the denial of service attacks.