Video coming soon
Integrity
Visual · integrity_fingerprint
A glowing digital fingerprint scanning a secure document to verify its authenticity and prevent tampering.
The Guarantee of Truth
Imagine checking your bank account and seeing that your \$1,000 balance has suddenly changed to \$1. No one read your bank statements, and no one technically stole the money yet—someone simply altered the number on the server. While Confidentiality keeps data secret, it is the "I" in the CIA Triad—Integrity—that ensures the data is accurate, trustworthy, and completely untampered with.
1. What is Integrity?
Integrity is the principle of preventing unauthorized modification or destruction of data. It ensures that the information remains exactly as it was originally created, both while it is sitting on a server (data at rest) and while it is traveling across the internet (data in transit). If a hacker, a system glitch, or even a clumsy employee accidentally changes a file, the integrity of that data has been compromised.
2. How Do We Enforce It?
Security professionals use specific tools to detect and prevent data tampering:
Hashing
A mathematical algorithm that generates a unique "digital fingerprint" (a hash) for a file. If even a single comma in a massive document is changed, the entire fingerprint changes instantly, alerting you to the tampering.
Digital Signatures
Cryptographic seals that prove a document was sent by a specific person and has not been altered in transit.
File Integrity Monitoring (FIM)
Automated software that constantly watches critical system files and sets off alarms if anything is modified without permission.
3. The Real-World Impact
Failures in integrity can be catastrophic. If a hacker breaches a hospital's database and secretly changes a patient's blood type from A+ to B- without anyone noticing, the consequences are life-threatening. In financial systems, modifying the destination account number during a million-dollar wire transfer is a classic integrity attack.
Pro-Tip: Confidentiality vs. Integrity
It is easy to confuse the two, so remember this simple distinction: Confidentiality is about preventing unauthorized reading of data. Integrity is about preventing unauthorized writing or altering of data.
Knowledge Check
You download a software update from a website. The website provides a long string of characters called a "hash" next to the download link. After downloading, you generate your own hash of the file, and the two strings match perfectly. What does this prove?\n\nA) The file is completely private and encrypted.\nB) The file has not been altered, hacked, or corrupted during the download.\nC) The software will run faster on your computer.