Concepts of Availability Integrity and Confidentiality

¶ … Confidentiality, Integrity, and Availability

In the contemporary information systems environment, the security of organizational information resources is essential given an increase of hacker incidents globally. Data confidentiality is essential to ensure that the private information is not disclosed or made available to unauthorized individuals. On the other hand, the integrity is the part of information security that ensures that program and data are exchanged only by an authorized person. The system integrity assures that the system performs its intended functions without its inadvertent manipulation. The availability assures that the systems perform its intended function, and it does not deny its availability to the authorized user. These three security concepts (Integrity, Confidentiality, and Availability) is referred as Triad that performs fundamental security objectives for organizational information systems.

The objective of this paper is to explore the three concepts of information security.

The CIA Triad

The confidentiality can only be attained when an organization is able to achieve a restriction on information disclosures and access. Moreover, confidentiality involves protecting the proprietary information to enhance the personal privacy. Moreover, the integrity involves guiding against improper destruction or modification of information to ensure the authenticity of the information. A loss of integrity can lead to the destruction of information infrastructures. Additionally, the concept availability ensures a reliable and timely access to the use of information, and a loss of availability can lead to a destruction of the organizational information infrastructures. (Kim, & Solomon, 2014).

An example of confidentiality is the privacy of the student's grade information. In the United States, the student grade information is an asset and its confidentiality is very important to the student. The law regulates a release of such information to the public, and the regulation stipulates that the information should only be released to the students, employees, or parent. Moreover, organizations are required to protect the employee and customer's data from unauthorized access. In the United States, the sensitive data of several companies have been compromised by the hackers and sensitive data have been stolen eroding the concept of integrity, confidentiality and availability accorded to the data.

Seven Domains IT Infrastructures

A protection of the IT infrastructures is very critical to enhancing availability, integrity and availability of the data. The seven domains of IT infrastructures as follows:

1. User domain

2. Workstation Domain

3. LAN Domain

4. LAN-to-WAN Domain

5. Remote Access Domain

6. WAN Domain, and

7. System/Application Domain.

User domain covers all users and people having the privileges to access the information systems. A threat to the user domain may be a lack of user's awareness. The workstation domain consists of a computer that users connect to the IT infrastructures. The LAN domain consists of Server, Hub and computer systems connected to one another that assist an organization to communicate and exchange files within a specific office building. However, LAN-to-WAN domain is the linkage of IT infrastructures with the internet. The domain assists in transferring data from one geographical location to other geographical location. The remote access domain consists of the use of the internet to communicate using the computer system. The WAN domain assists an organization to send data and communicate across different geographical locations. The systems and application domain are connected with the Firewall, Web & Application Server, and Mainframe. (Kim, & Solomon, 2014).