The CIA Triad

1. Confidentiality

Definition: Only the right people should have access to sensitive business information. That includes things like customer data, pricing, HR files, or financial reports.

Real world example: If someone outside your business can open your invoices, payroll files, or staff records, that's a confidentiality issue.

Quick Fixes:

• ✓ Set passwords on documents and devices
• ✓ Don’t share private info over email or text
• ✓ Use secure apps (like Google Drive or Microsoft 365) for private files

2. Integrity

Definition: Your data should be accurate and trustworthy. No one should be able to change it without permission, whether by accident or on purpose.

Real-world example: If someone changes prices on your website or deletes your booking list, and you didn’t approve it, that’s an integrity problem.

Quick Fixes:

• ✓ Limit editing access to trusted staff only
• ✓ Use tools that track changes (e.g. version history in Google Docs)
• ✓ Back up important data weekly

3. Authentication / Availability

Definition: Your systems and services should be up and running when you (or your customers) need them. This includes your website, email, booking system, or POS.

Real-world example: If your online store crashes on a sale day, or your team can’t access client files during the day, that’s an availability issue.

Quick Fixes:

• ✓ Back up files in the cloud or on an external drive
• ✓ Use tools that send alerts when systems go down
• ✓ Have a simple offline plan for emergencies (e.g. paper bookings)

Availability Failure: A Sydney-based wedding photographer lost years of client photos after a hard drive crash. The files weren’t backed up, and recovery was impossible,leading to lost income and upset clients.

Source: Data Recovery Case Study

Simple Fix: They now use cloud storage and an external backup drive to ensure every photo is saved in two places. Setup took under 20 minutes and cost less than $100.