Confidentiality

What is Confidentiality?

Confidentiality is the security principle that information should be accessible only to authorized people, systems, or processes.

Examples

  • A hospital restricts patient records so only approved medical staff can view them.
  • A company encrypts payroll files so they cannot be read if a laptop is lost or stolen.

Discover 🔎

When people first think about cybersecurity, they often picture hackers breaking into systems. But one of the most important questions in security is much simpler: who should be allowed to see this information? That is the heart of confidentiality.

Confidentiality matters because not all information is meant for everyone. Customer records, health data, exam papers, legal documents, trade secrets, and internal emails may all require protection from unauthorized viewing. If the wrong person can read sensitive information, the damage may include privacy loss, fraud, reputational harm, legal trouble, or business disadvantage.

Confidentiality is one part of the CIA Triad, alongside integrity and availability. Its role is focused on secrecy and controlled disclosure. In other words, confidentiality is about keeping information visible only to those with a legitimate right to access it.

Remember: Confidentiality is not about hiding everything. It is about making sure sensitive information is seen only by the right people.

Summary 📝

Confidentiality is the CIA Triad principle focused on keeping information visible only to authorized people and systems. It is protected through access control, encryption, data classification, careful handling, and ongoing review of who can access sensitive information. In security, confidentiality is about controlled visibility, not total secrecy.
