Kyle Griffith
Submitted by NIATEC
You may have come across the term ‘information assurance’ at one point or another. Okay, so maybe not. What you may have heard of is cyber security or computer security. These terms all refer to the same field. Something you might not know is that the Idaho State University campus hosts the facilities of the National Information Assurance Training and Education Center (NIATEC).
So why should information assurance mean anything to you? When you interact with any online service then you should at least have a basic knowledge of information assurance. Nearly all online services depend on information assurance to function properly.
One of the foundational topics of information assurance is the C-I-A triad. No, this does not mean the Central Intelligence Agency in this context. It stands for Confidentiality, Integrity and Availability.
Confidentiality is the principle that your information will not be read or accessed by anyone you have not authorized to do so. You place trust in your email provider that the messages you send will not be read by unintended recipients.
Email services accomplish this by utilizing many techniques and technologies, but the underlying principle will always remain. Authorized individuals, those people who are intended to have access to a message, should be granted access while unauthorized should not.
Many individuals place their trust in social media sites like Facebook to allow only an authorized user to create a post and change information that has already been posted. This is an example of the ‘I’ in the C-I-A triad: Integrity.
How useful would Facebook be if the posts of an account owner could be changed by anyone? Under these circumstances, many people would have to explain to their friends why they are advertising potentially embarrassing products or services in their Facebook posts. Most websites depend on only authorized users being able to input and change data.
The last of the C-I-A triad, availability, is the gateway to access our computing services. When an authorized user needs access to a service, the ability to use the service constitutes availability. Cyber-attacks launched with the sole purpose of disrupting online services have become common. This type of attack aims to eliminate the availability of a service.
When an attack like this is launched against a service like Moodle, the service would be disrupted and normal operations would cease.
So what can you do to apply these three core principles of information assurance in your everyday life? You can help maintain your confidentiality and integrity while online by always logging out of your email, social networking and banking accounts when you are not at the computer. By doing so, you will not allow other users to have access to or grant the ability to change your data.
Another way to protect yourself online is by maintaining a strong password. Your password should use letters (upper- and lower-case), numbers, special characters and have a length of at least eight characters. Do not depend on the same password forever and use different passwords for each website you use. It is best to change your password regularly, such as once every three months.
As for availability, for many websites you can only hope that the services you use will continue to function with little or no downtime. For other services you may be able to keep offline backups. There is nothing worse than standing in front of an audience unable to pull up your PowerPoint presentation saved in your inbox because your email service is down. Always plan ahead and do not rely solely on online services. Save your documents and data to local media like a flash drive or hard drive when the data is essential to your presentation.
The preceding examples have shown how information assurance is an important topic for everyone to understand. It is sometimes easy to fall into the trap of thinking that you have no sensitive information to protect.
To those who maintain this way of thinking, and to those who perhaps will someday follow their example, I say this: your information is what makes you unique. From your finances to your communications with your friends and family online, a growing portion of our lives is online and potentially accessible by many individuals.
This may scare some but it also motivates others. The members of the NIATEC program here on this campus are some of those who are motivated to achieve informational assurance.
Stop by to see us sometime, or talk to one of us when you see us on campus. We love what we are doing and look forward to sharing it with everyone.
