The final piece of the triad is Availability. I know it’s been quite a lot to get through, so thanks for sticking with me through all of this. Availability is pretty self-explanatory, it means that data, services or systems need to be available to users whenever they need them.
I’ve worked on projects where I’ve seen first hand how much a company could potentially lose if their systems went down for even an hour. It’s a scary sight to be honest. Therefore, it’s imperative that businesses have policies and plans in place to ensure that their systems are always available even in the event of a natural disaster or global pandemic.
Could you imagine if WordPress went down? You wouldn’t be able to receive this insightful knowledge that I drop every other Tuesday. I can’t even begin to imagine the uproar! Ironically, WordPress have been in the news for having over a million sites that have been breached. It seems like I need to have a few words with the people over at WordPress.
Imagine if Instagram was unavailable for a few days… that actually might not be a bad thing you know. But do you get my point? When a service is unavailable it causes an issue for both the business and its users/consumers.
More importantly, there are a few things that can cause services or data to become unavailable:
Ransomware is an attack in the form of malware which locks and encrypts data and demands a ransom to be paid in order to get the data back. If you would like to find out more, read my thoughts on ransomware here – https://ttprotocol.com/2020/12/22/ransomware/
Denial of Service is when a server is flooded with so many requests that it can’t handle it and becomes so slow or stops working altogether.If you want to learn how a server can be flooded, you can read about it here – https://ttprotocol.com/2021/02/16/ddos/
Power-cut is when.. do I need to explain this? If there’s a power cut then a company’s systems won’t be able to function.
Natural Disasters refers to floods, hurricanes, landslides etc and this can affect a business’ ability to operate.
On the other hand, there are methods to protect availability, which a business can utilise in the event of a cyber attack, natural disaster or global pandemic:
Business continuity is a plan put in place to deal with any situation that can disturb the functionality of a business and to ensure that it can still function when an issue occurs.
Disaster recovery is a part of business continuity. An example of disaster recovery is having a backup of data, so if the business has lost data or access to data due to a cyber attack or a natural disaster, then the organisation can recover the lost data and carry on with business as usual.
It’s important to remember that even if a business has the Confidentiality and Integrity on point, missing out on Availability will be very costly. Every organisation should ensure that they cover all three elements of the triad as I believe it sets a good foundation of security. This concludes the C.I.A triad and I hope you have learnt a lot from these past blogs.
Love & Guidance
TT
The TT Protocol 