IS Security Assignment 1

The CIA Triad 

(confidentiality, integrity and availability)

Comment on the CIA Triad.

Confidentiality: This is where your personal data, information and other relevant files pertaining to you are promised to be keep secure and safe from outside influences such as hacking, corruption or physical damage caused by natural disasters such as power failure, to ensure such confidentiality you data is stored in secure locations, multiple locations, within protected environments for example your data backups encrypted and kept safe on the cloud, the online data or data stored on a computer protected from hackers and malware through the use of firewalls and anti-malware software.

Integrity: This ensures that all of your information is correct, kept up to date and protected from illegal or wrong intervention, this can be done through the use of access controls to prevent unauthorized modification of your data and encryption which will encrypt your information then decrypt it on successful delivery. Passwords, authorization, encryption keys and digital signatures will help keep the integrity of your files.

 Availability: This ensures that your data is available when you need it, to maintain this the need for backups to ensure safety in case of data failure due to corruption or disaster, Disaster recovery plans to ensure that your data is readily replaced if destroyed or lost and prevention plans which are put in place if and when a file availability problem occurs as well as to keep your data correct and up to date, this can be accomplished by auditing your information regularly.

 These three make up the CIA triad, three processes to ensure the safety, accessibility and correctness of your data.

Discuss how the CIA Triad relates to the Parkerian Hexad.

The Parkerian Hexad attributes are the following:

·         Confidentiality

·         Possession or Control

·         Integrity

·         Authenticity

·         Availability

·         Utility

Three of the processes within the six elements of information security known as Parkerian Hexad are also known as the CIA Triad the three being Confidentiality, Availability and Integrity. Although the triad may be considered as the main attributes of information security, The Parkerian Hexad may be considered a more defined and detailed extension of the triad to include:

Control: This could be when you have lost control of your data an example would be sending your information over an unencrypted line where somebody could intercept your private information as noticed in the live panels on your Windows 10 OS which have admitted to the live stream panels being vulnerable to interception as they cannot be turned off or uninstalled.

Authenticity: “Authenticity refers to the veracity of the claim of origin or authorship of the information” (wiki.org, 2015) an example would be watermarking documents so as to prove you are the authentic owner similar to digital signature’s.

Utility: Utility here means the usefulness of your information for example suppose someone encrypted your data then lost the decryption key or corrupted your file, then the usefulness of the information would be worthless because it can no longer be accessed, another example is data conversion, if your data were to say be converted into binary whereas the use/utility of your data is incompatible with binary so then the utility of your data is non void, this in known as a breach of utility.  

Discuss how the CIA Triad can impact the development of the Business continuity plan

The CIA Triad ensures the availability, correctness and safety of the business information, this would be important to a business continuity plan as it keeps the business information safe from harm tho  if lost, replacing the correct up to date data. It keeps the information correct at all times and keeps the business information access reliable when needed, when detailing the business continuity plan you need to always keep the triad in mind and if ever there is a waver or fault in the plan then contingencies must be set in place ensuring the CIA Triad are maintained and adhered to. When creating a business continuity plan the triad may be the most important factor to use as a foundation to branch the plans objectives from for example risk assessment plan. Without consideration for the CIA Triad when making a business continuity plan, safety, accessibility, availability, reliability, in fact without consideration for all components of the Triad and even the Parkerian Hexad, then the business continuity plan may fail, one could even say a business continuity plan without the important components of the CIA Triad may be a breach of utility.