What configuration should a financial institution set for a security control device to prioritize the confidentiality and integrity of financial data during a failure?

A financial institution focusing on prioritizing the confidentiality and integrity of financial data during a failure should implement a fail-closed configuration. This approach ensures that, in the event of a failure within the security control device, the system will deny access to sensitive data or resources rather than allowing access. By doing so, the institution safeguards against unauthorized access, thereby maintaining the confidentiality and integrity of financial data during potentially compromised conditions.

The fail-closed strategy is particularly critical for sectors like finance, where exposure to sensitive information can have severe consequences. By ensuring that pathways to sensitive data are automatically closed in the case of failure, the institution is effectively mitigating risks associated with data breaches and unauthorized disclosures.

In contrast, alternative configurations like fail-open would allow access during failures, potentially exposing sensitive information, which is contrary to the goal of preserving confidentiality and integrity. Graceful degradation might provide reduced functionality but does not specifically address data access. Redundancy mode can improve availability but does not directly focus on the handling of failures in a way that prioritizes data protection. Thus, the fail-closed configuration is the most appropriate choice for this specific context.