The CIA Triad is a concept in information security that guides an organization's data security operations. The three letters in CIA stand for confidentiality, integrity, and availability. These three notions are in conflict with each other.

Confidentiality refers to the steps taken by an organization to keep its data private or hidden. In practice, this involves limiting data access to prevent unauthorized disclosure. This requires ensuring that only authorized people have access to specified assets and that unauthorized individuals are actively discouraged from gaining access.

Solution:

To protect confidentiality, countermeasures include data classification and labeling, strong access controls and authentication mechanisms, data encryption in process, transit, and storage, steganography, remote wipe capabilities, and adequate education and training for all individuals with access to data.

Integrity refers to the assurance that data has not been tampered with and can thus be trusted. Integrity contributes to the dependability of data by ensuring that it is in the correct condition and free of any unauthorized changes.

For example, customers who shop online demand precise product and price information, as well as the assurance that quantity, pricing, availability, and other details will not change after they place an order. Financial consumers must have confidence in the security of their banking information and account balances. Protecting data in use is essential. Integrity can be harmed purposefully by interfering with intrusion detection systems, manipulating configuration files, or changing system logs to dodge detection, or accidentally through human error, carelessness, coding flaws, or insufficient policies, processes, and protective measures.

Solution:

Encryption, hashing, digital signatures, and digital certificates are data integrity countermeasures. Integrity is also linked to the notion of non-repudiation, which holds that one cannot deny the authenticity of particular actions.
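The following is an added example, not part of the original article, showing why hashing alone is a weak integrity control for the online-order case above: an unkeyed digest stored beside the record can be recomputed by whoever alters the record, while a keyed HMAC tag cannot. The key, field names, and order values are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key; a real key would live in a secrets manager or HSM.
SERVER_KEY = b"constructed-demo-key"

def canonical(order: dict) -> bytes:
    """Serialize deterministically so equal orders always yield equal bytes."""
    return json.dumps(order, sort_keys=True, separators=(",", ":")).encode()

def plain_digest(order: dict) -> str:
    """Unkeyed SHA-256: catches accidental corruption, not deliberate edits."""
    return hashlib.sha256(canonical(order)).hexdigest()

def seal(order: dict, key: bytes = SERVER_KEY) -> str:
    """HMAC-SHA256 tag: cannot be recomputed without the key."""
    return hmac.new(key, canonical(order), hashlib.sha256).hexdigest()

def verify(order: dict, tag: str, key: bytes = SERVER_KEY) -> bool:
    """Constant-time compare avoids leaking how much of the tag matched."""
    return hmac.compare_digest(seal(order, key), tag)

def demo() -> dict:
    # Constructed sample order record.
    order = {"order_id": 1001, "sku": "EXAMPLE-SKU",
             "quantity": 2, "unit_price": "19.99"}
    stored_tag = seal(order)

    # The stored record is altered, and the unkeyed digest kept beside it
    # is simply recomputed to match the altered record.
    tampered = dict(order, unit_price="0.01")
    rewritten_digest = plain_digest(tampered)

    reordered = dict(reversed(list(order.items())))
    return {
        "original_verifies": verify(order, stored_tag),
        "unkeyed_check_passes_after_rewrite":
            plain_digest(tampered) == rewritten_digest,
        "tampered_verifies": verify(tampered, stored_tag),
        "field_order_irrelevant": verify(reordered, stored_tag),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

A shared-key HMAC proves the record was not altered by anyone without the key, but it does not give non-repudiation, because every key holder can produce a valid tag; that property requires a digital signature made with a private key.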

Availability means that networks, systems, and applications are up and functioning. It ensures that authorized users get consistent and timely access to resources when they are needed. Systems, programs, and data are of little utility to a business and its customers if they are not available when authorized users require them.

While hardware or software failure, power outages, natural catastrophes, and human error are all potential threats to availability, the denial-of-service attack, in which the performance of a system, website, or web-based application is purposely and maliciously degraded or the system becomes unavailable, is perhaps the most well-known attack that threatens availability.

Solution:

Server, network, application, and service redundancy, regular software patching, hardware fault tolerance (for servers and storage) and system upgrades, comprehensive disaster recovery plans, backups, and denial-of-service protection solutions are just some of the countermeasures that can help ensure availability.