--Originally published at Intervention IT

Today I want to talk about something called the Triad CIA, which are the tree main goals of security.

Each one of them, Confidentiality, Integrity, and Availability are not the same and can cause some confusion. But fear not, I am here in order to explain in the easiest way the main differences.

 

Confidentiality

First of all is Confidentiality, this is probably the first one to come in your mind when talking about security. It is just to protect your stuff from unauthorized disclosure, I means that none should be able to see your secrets without your consent.

You could think: that’s it! Everything in security is confidential so why you talk about the other tree? Well, it is not entirely true. You can have security with little confidentiality. Just think about a web page with just information about a touristic place. It has nothing else than information and anyone can see it, so: why is it secure with little to no confidentiality? I can respond this with the following concept.

Integrity

Integrity is a wat that we protect an asset from unauthorized changes. Or in other words, only certain people are permitted to modify the data. We can see how in my previous example of the information only web can be secure if its integrity is preserved, it means that we can implement methods to ensure that only the administrators can change the web.

Availability

Another goal, it means that security must try to accomplish a data accessible and reliable. In my previous example, it means that the web should be up as often as possible. This is the easiest of the three goals to understand, but maybe the hardest because of the trade-offs implied. Just think about

Continue reading "Code Mission: CIA" →

--Originally published at Intervention IT

Well, you can’t be more wrong mister/miss if you think security is only a bothersome thing. The user who thinks the security is not necessary is usually the most vulnerable because they don’t use good practices in order to protect themselves.

Just to get an idea of the insecurities in which people can incur, in 2015 some passwords like “password”, “qwerty” and “12345” still appearing in the top used. Also, the majority of people use the same password across many sites making a hacker life easier by getting information of multiple accounts by cracking just one.

Now the problem may not look too “important” in the present, but the world is moving to something called the Internet Of Things.

The Internet Of Things refers to the growing devices which can connect to the internet, even the domestic ones like refrigerators, stoves, etc…

The Internet Of Things is designed in order to help improve our lifestyle, but it makes it possible by recollecting information all the time and sending It to the internet. The devices using this technology can have security issues like insecure software, lack of encryption, privacy concerns, etc… This will open paths to hackers to get your information just by hacking the stove or knowing when you are not at home by tracking your toilet.

But then again, not because everyone can be hacked means that we need to escape technology and become some kind of naturalistic radical. We just need to improve our security in order to use all the benefits of the internet without worrying.

--Originally published at Intervention IT

I don’t know how you can got in this site searching for Narnia. But you can learn something while being here :D!

Saludos! My name is César Cornejo and WELCOME to my blog about Computer and Information Security; firstly, I need to say that this blog is more focused in the topics that I need to research for my #TC2027 course. But I will try to give the most information I can in order to share the most complete info.

Hope to give you some interesting readings all over my posts.

Have a Good Day!

PS: I am not a native speaker so maybe I will have a lot of flaws in my posts; I will try to minimize them and I will appreciate any good-willed comment to improve myself.