CIA is a reference model to help protect information from unauthorized disclosure, modification, and accessibility to end users. The regulations and concepts that companies abide by vary based on how confidential that data collected and shall be discussed in ethics and regulations section.

(WGU D315)

Disaster recovery plans (DRPs) rely on solutions to ensure that systems can recover from catastrophic events in a reasonable amount of time with minimal data loss.

DRP ensures that data is available to users. The process as the data is in transit and at rest via encryption ensures the integrity of the data.

Firewalls are used to help mitigate issues by blocking incoming messages from untrustworthy sources and blocking outgoing messages to a specific destination.

Security mitigation keeps the data from being accessed by unauthorized users. It is also important as users on the network may not use proper procedures and access websites that they should not. Depending on the firewall type, it may block malicious sites, packets, or cookies.

Policies such as an acceptable use policy (AUP) should reflect the organization’s ethics and provide clear guidelines. An acceptable use policy, detailing how computer systems owned by the organization can be used, should include the following aspects:

• legal considerations, including data security laws, jurisdiction, the ownership of systems and data, and proper use of intellectual property
• data security provisions, including personal responsibilities of users, ways the systems can and cannot be used, and types of unacceptable web content
• liability considerations, outlining disclaimers that remove an organization’s responsibilities for data breaches, information theft, or misuse of the internet

Information privacy refers to the right to control how your personal information is collected, used, and exchanged.