Data Security
Information and records (data) should be managed consistent with the organization’s risk strategy to protect the confidentiality, integrity, and availability of information.
Confidentiality
In information security, confidentiality “is the property, that information is not made available or disclosed to unauthorized individuals, entities, or processes” (Excerpt ISO27000).
Integrity
In information security, data integrity means maintaining and assuring the accuracy and completeness of data over its entire life-cycle. This means that data cannot be modified in an unauthorized or undetected manner. Information security systems typically provide message integrity in addition to data confidentiality.
Availability
High availability systems aim to remain available at all times, preventing service disruptions due to power outages, hardware failures, and system upgrades. Ensuring availability also involves preventing denial-of-service attacks, such as a flood of incoming messages to the target system essentially forcing it to shut down.