Glossary

Confidentiality

Confidentiality is the practice of giving only authorized users access to sensitive data, in accordance with business and role-based need. The term also covers the methods used to keep that data from unauthorized users.

Terms related to Confidentiality: Cybersecurity, principle of least privilege, role-based access, data breach, access controls, multifactor authentication.

Because confidentiality is designed to protect data from unauthorized access, sensitive information must only be made available to a clearly-defined subset of users. These users must demonstrate a clear need for access to sensitive information that allows them to carry out business tasks.

Confidentiality is best served through approaches like the “Principle of Least Privilege” and role-based access. These approaches only grant access to users based on their roles, and only provide access to the minimum level needed for them to perform their roles.

Confidentiality can be granted based on a classification system, and it is often necessary to analyze data in a granular way to define what can and cannot be recorded, accessed, amended, or used by specific employees.

Good ways to implement confidentiality controls, in addition to role-based access, include:

  • A thorough authentication process such as two-factor or multifactor authentication.
  • Access controls that provide granular access to data dependent on job role needs.
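As an added illustration (not code from Crossmatch's glossary), the following Python sketch combines the controls described here: each role lists only the actions it needs and the highest classification it may touch, access is denied by default, and records at or above a configured classification also require a passed multifactor step. All role names, classification labels and thresholds are constructed for the example.

```python
"""Deny-by-default, role-based access check over classified records."""
from dataclasses import dataclass
from typing import FrozenSet, Tuple

# Constructed classification ladder, least sensitive first.
LEVELS = ("public", "internal", "confidential", "restricted")


@dataclass(frozen=True)
class Role:
    name: str
    max_level: str                # highest classification the role may touch
    actions: FrozenSet[str]       # only the operations the job requires
    mfa_from: str = "confidential"  # records at/above this level need MFA


# Constructed roles; each grants the minimum needed for the job (least privilege).
ROLES = {
    "support": Role("support", "internal", frozenset({"read"})),
    "analyst": Role("analyst", "confidential", frozenset({"read", "amend"})),
    "records_admin": Role("records_admin", "restricted",
                          frozenset({"read", "amend", "record"})),
}


def check_access(role_name: str, action: str, record_level: str,
                 mfa_passed: bool) -> Tuple[bool, str]:
    """Return (allowed, reason); the reason is meant for the audit log."""
    role = ROLES.get(role_name)
    if role is None:
        return False, "unknown role"
    if record_level not in LEVELS:
        return False, "unknown classification"          # unknown data is never exposed
    if action not in role.actions:
        return False, f"action '{action}' not granted to role '{role.name}'"
    if LEVELS.index(record_level) > LEVELS.index(role.max_level):
        return False, f"'{record_level}' exceeds role ceiling '{role.max_level}'"
    if LEVELS.index(record_level) >= LEVELS.index(role.mfa_from) and not mfa_passed:
        return False, "multifactor authentication required"
    return True, "allowed"


def is_allowed(role_name: str, action: str, record_level: str, mfa_passed: bool) -> bool:
    return check_access(role_name, action, record_level, mfa_passed)[0]
```

Every deny path returns a distinct reason, so an access log built on this check can distinguish a role that lacks a grant from a missing MFA step.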

A failure of confidentiality, particularly on a large scale, often results in a data breach.

Confidentiality Resources from Crossmatch

  • The Password is Dead? — exploring whether passwords are the way to protect access to confidential information.