Confidentiality

Posted on by
Confidentiality
Confidentiality is one of three critical data protections in cybersecurity. The other two are Integrity and Availability.  (see links below for those Cybrary pages). 
Confidentiality seeks to ensure that information is not disclosed to users, processes, or devices unless they have been authorized to access the information. Confidentiality preserves authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. Examples of confidential information that requires protection include a person’s Social Security Number, a Healthcare record, or a Human Resources personnel record.

What does this mean for an SMB?

Confidentiality is important when dealing with sensitive information in your business such as your personnel data, Intellectual property, or regulated data such as credit card or HIPAA data. Having an employee’s bank information or important business documents accessible by the wrong people in your SMB can lead to cyber incidents and damage to your reputation. 

Keep your sensitive data confidentiality by following this advice:

  1. Encrypt your sensitive files and information;
  2. Limit who has access to the data following both Least Privilege and Need to Know cybersecurity best practices.
  3. Secure (lock) devices and physical paper documents;
  4. Properly dispose of data, devices, and paper documents (shred);
  5. Train your employees on how they should protect the confidentiality of the data they have access to while it is at rest (stored on systems, servers, and in email) and in motion (emailed, transferred etc).
  6. Govern employees with an Information Handling Policy that outlines the lifecycle of your data, how it should be labeled, and how it is to be protected at rest and in motion within your business processes.

Related Terms: Availability, Integrity, Least PrivilegePrivacy, Need to Know

Source: CNSSI 4009, NIST SP 800-53 Rev 4, 44 U.S.C., Sec 3542

If you would like more information on this topic, check out this short video:

Are you doing enough to protect your business?

Sign up with CyberHoot today and sleep better knowing your

employees are cyber trained and on guard!

Sign Up Today!
Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.