1. Integrity
Integrity involves assurance that all information systems are protected and not tampered with. IA aims to maintain integrity through means such as anti-virus software on all computer system, and ensuring all staff with access to know how to appropriately use their systems to minimize malware, or viruses entering information systems.
IT Governance provides a variety of E-learning courses to improve staff awareness on topics such as phishing and ransomware, as a means to reduce the likelihood of system being breached, and data exposed.
2. Availability
Availability simply means those who need access to information, are allowed to access it. Information should be available to only those who are aware of the risks associated with information systems.
3. Authentication
Authentication involves ensuring those who have access to information, are who they say they are. Ways of improving authentication involve methods such as two-factor authentication, strong passwords, bio-metrics and other devices. Authentication may also be used to not only identify users, but also other devices.
4. Confidentiality
IA involves the confidentiality of information, meaning only those with authorization may view certain data. This step is closely mirrored by the six data processing principles of the General Data Protection Regulation (GDPR), where by personal data must be processed in a secure manner "using appropriate technical and oganizational measures" ("integrity and confidentiality").
5. Nonrepudiation
The final pillar simply means someone with access to your organizations information system cannot deny having completed an action within the system, as there should be methods in place to prove that they did make said action.
