chore: update CIA grammar and content
- misc. grammatical edits - add a few more examples
This commit is contained in:
Kelly Marchewa
committed by
Nanne Baars
Nanne Baars
parent
d5f78351a2
commit
e4ec90db8a
@ -1,25 +1,25 @@
|
||||
== Confidentiality
|
||||
|
||||
Confidentiality is "the property, that information is not made available or disclosed to unauthorized individuals, entities, or processes." In other words, confidentiality means to prevent sensitive information from reaching the wrong people, that should not get access to it, while at the same time making sure, that people that are allowed to access it, can get it.
|
||||
Confidentiality is "the property, that information is not made available or disclosed to unauthorized individuals, entities, or processes." In other words, confidentiality requires that unauthorized users should not be able to access sensitive resources. Confidentiality must be balanced with availability; authorized persons must still be able to access the resources they have been granted permissions for.
|
||||
|
||||
While being similar to "privacy", these two words are not interchangeable. Rather, confidentiality is a component of privacy that implements to protect our data from unauthorized viewers.
|
||||
Although confidentiality is similar to "privacy", these two words are not interchangeable. Rather, confidentiality is a component of privacy; confidentiality is implemented to protect resources from unauthorized entities.
|
||||
|
||||
{nbsp} +
|
||||
|
||||
=== Examples that compromise confidentiality:
|
||||
|
||||
** a hacker gets access to the password database of a company
|
||||
** sensitive emails being sent to incorrect individuals
|
||||
** a hacker reads sensitive information by intercepting and eavesdropping an information transfer
|
||||
** a sensitive emails is sent to the incorrect individual
|
||||
** a hacker reads sensitive information by intercepting and eavesdropping on an information transfer
|
||||
|
||||
{nbsp} +
|
||||
|
||||
=== Examples of methods ensuring confidentiality
|
||||
|
||||
** data encryption
|
||||
** authentication methods
|
||||
*** passwords
|
||||
*** two-factor authentication
|
||||
** properly implemented authentication and access control
|
||||
*** securely stored passwords
|
||||
*** multi-factor authentication (MFA)
|
||||
*** biometric verification
|
||||
** minimizing the number of places/times the information appears
|
||||
** physical security measurements like protected server rooms etc.
|
||||
** physical security controls such as properly secured server rooms
|
||||
Reference in New Issue
Block a user