Confidentiality refers to limiting information access and disclosure to authorized users — “the right people” — and preventing access by or disclosure to unauthorized ones — “the wrong people.”
Privacy (ability to control or restrict access so that only authorized individuals can view sensitive information) is required to protect the assets of organizations. One of the underlying principles of confidentiality is “need-to-know” or “least privilege”. In effect, access to vital information should be limited only to those individuals who have a specific need to see or use that information.
The major risks to data confidentiality are –
Loss of privacy
Unauthorized access to information
Our solutions to minimising these risks involve planning and implementing effective security control systems such as two-factor authentication, data encryption, effective secure access controls.