Protection goals of information security: Conclusion
The three most important protection goals of information security are "confidentiality", "integrity" and "availability".
Confidentiality: To guarantee it, you must clearly define who is authorized to access sensitive data and in what way. This goes hand in hand with appropriate access authorizations and the use of cryptographic techniques, for example.
Integrity means protection against unauthorized changes and deletion of information, plus the reliability and completeness of information. It is therefore important for your company to take precautions to detect changes to data quickly or to prevent unauthorized manipulation from the outset.
Availability means that information, systems and buildings must be available to authorized persons at all times. Since system failures, for example, are associated with major risks, a risk analysis should be carried out for this area. In it, record the probability of failure, the downtime and the damage potential of the most necessary systems.
Commitment, accountability and authenticity are "extended" protection goals.
Commitment (non-repudiation) means ensuring that an actor cannot deny their actions. Accountability complements this extended protection goal by clearly identifying such an actor. Authenticity asks the question: Is a piece of information genuine or trustworthy?