SRE and the "A" in {C,I,A}

Three principles—confidentiality, integrity, and availability (otherwise known as the CIA Triad)—must be addressed to secure an information system. Confidentiality is achieved through application of access controls, role separation, encryption at rest and in transit, and data sanitization. Hashing functions applied to data ensure the integrity of data is maintained as it travels through insecure channels.

Availability is not something that can be achieved by actions such as turning on a feature (e.g. enabling BitLocker, forcing SSL connections, digitally-signing email) but rather involves careful design and architecture decisions.

Site Reliability Engineering (SRE) involves keeping information systems running due to any natural or human-induced disruption, including hurricanes, tornados, floods, equipment failures, configuration errors, or malicious actors. Architectures which are designed with the expectation that any and every component will fail have the best chance of successfully achieving high availability.

Use of redundant hardware, network connections, multiple data centers, data replication, and automatic horizontal scaling of resources help to achieve the "always on" availability expected in modern applications. Google's SRE Books ( are excellent resources with more information on this topic.



PSI's state-of-the-art Innovation Facility is now open in Valparaiso, FL. It is designed to provide a cyber secure ecosystem for development of new technologies and approaches, illustrating the company’s commitment to deliver excellence to its customers. Watch a video about the Innovation Facility.