CIA Triad/Rating

This is a very important IT Security principal. Considering these 3 factors we can help guide the design of a system.

  1. Confidentiality: How important is it that only people who are suppose to access the data and no one else? If the information is very sensitive then technology such as authentication, authorisation, access control and encryption should be considered.  
  2. Integrity: How important is it that the data is accurate and isn't, and doest get corrupted. Technologies such as RAID, chucksums and backups should be considered.  
  3. Availability: How important is it that the system be available. If you need a system that needs to be up all the time, even if a problem occurs, technologies such as redundancy, high availability clusters and disaster recovery should been considered.