
1.1a CIA

No, not that CIA! In the security industry, CIA stands for Confidentiality, Integrity and Availability; together these form the security triad.


Confidentiality means that only authorized personnel can access data; unauthorized personnel cannot. You can ensure confidentiality using encryption such as AES (Advanced Encryption Standard).


When you receive data, such as a file, you want to make sure that what you are receiving is the original. One way to ensure integrity is to use hashing algorithms such as MD5 and SHA-1. If I were to send you a file over the internet, I cannot guarantee that it wasn’t intercepted along the way and changed by someone else. However, if I were to use a hashing algorithm like MD5, I could make a hash of the file before sending it and send you the hash along with the file (via email). When you receive the file, you could run the same MD5 hash on it; if the two hashes match, you can safely say that the file hasn’t been changed along the way.
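
The send-and-verify procedure described above, as an added Python example that is not part of the original post. It uses SHA-256 by default instead of MD5 or SHA-1, since practical collisions are known for both; the file name, its contents and the function names are constructed for illustration.

```python
import hashlib
import hmac
import os
import tempfile


def file_digest(path, algorithm="sha256", chunk_size=65536):
    """Hash a file in chunks so large files never need to fit in memory."""
    h = hashlib.new(algorithm)  # pass "md5" or "sha1" to mirror the text
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_file(path, expected_hex, algorithm="sha256"):
    """Receiver side: recompute the hash and compare it to the one sent."""
    actual = file_digest(path, algorithm)
    # Normalise the received value (whitespace, upper-case hex) before comparing.
    return hmac.compare_digest(actual, expected_hex.strip().lower())


def demo():
    """Constructed scenario: hash a file, verify it, alter it, verify again."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "report.txt")  # constructed sample file
        with open(path, "wb") as f:
            f.write(b"Quarterly figures: 1200 units\n")
        # Sender: compute the hash before sending the file.
        results["sent_hash"] = file_digest(path)
        # Receiver: the file arrived untouched, so the hashes match.
        results["unchanged_ok"] = verify_file(path, results["sent_hash"])
        # Simulate a change made along the way: a single digit differs.
        with open(path, "wb") as f:
            f.write(b"Quarterly figures: 9200 units\n")
        results["changed_ok"] = verify_file(path, results["sent_hash"])
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The check only holds if the hash itself reaches the receiver unaltered, so it should travel over a channel that someone intercepting the file cannot also modify.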


It is important to make sure your data is available when needed. Companies do this by, for example, keeping a second (backup) web server available in case their primary web server goes down or is taken down by an attacker. The same applies to power, off-site backups and cooling systems.