We’ve all probably heard of the triad of Security components Confidentiality, Integrity and Availability (CIA) and agreed they’re all equally crucial.

But are they?

The simple answer is No.

Every organisation or end user relies on their data to be confidential, intact and available but to significantly differing degrees. For example a home user may need their photos to be backed up and available at all times on their SmartPhone, whilst happy for them to be viewed by Joe Public on Flickr without any care for confidentiality. Sometimes data itself cannot be trusted but is still of use (such as Wikipedia articles), giving a different perspective on “Integrity”. For some organisations Availability and issue of losing data is not so significant where paper records are kept and the cost of backups outweighs the cost of manual recovery.

So we need to assess CIA against our own environment and our own data and evaluate the importance of each.

Home users are notoriously focused on confidentiality. Keeping data private and password protected is usually seen as enough. An often overlooked component is that of Availability. But what would happen if the data was lost, corrupted or accidentally deleted? What would be the personal impact of losing these files? Significant I imagine.

A simple answer is to keep backups, and ideally backups of backups. Best practice suggests keeping data in two places at all times, ideally in different geographic locations, such as the laptop and the cloud, or the NAS and the SmartPhone. There are many pieces of free software and free online storage services available to help with this.

In general the key is to always keep the CIA assessment in mind when seeking to secure data, then prioritise your actions accordingly.

Carl