<aside> <img src="/icons/layers_gray.svg" alt="/icons/layers_gray.svg" width="40px" /> Confidentiality refers to the protection of information from unauthorized access and disclosure. Ensures that private or sensitive information is not available or disclosed to unauthorized individuals, entities, or processes

</aside>

Confidentiality is important for 3 main reasons:

• To protect personal privacy
• To maintain a business advantage
• To achieve regulatory compliance

To ensure confidentiality, we use five basic methods

• Encryption
  • Process of converting data into a code to prevent unauthorized access
• Access Controls
  • By setting up strong user permissions, you ensure that only authorized personnel can access certain data types
• Data Masking
  • Method that involves obscuring specific data within a database to make it inaccessible for unauthorized users while retaining the real data’s authenticity and use for authorized users
• Physical security measures
  • Ensure confidentiality for both physical types of data, such as paper records stored in a filing cabinet, and for digital information contained on servers and workstations
• Training and awareness
  • Conduct regular training on the security awareness best practices that employees can use to protect their organizations sensitive data