Confidentiality, as defined, means: “any information that cannot be revealed to an unauthorized subject” with the main goal being to maintain the privacy of said information. The “subject” in this definition refers to either an individual, group, or system. Generally speaking, commercial organizations who are perceptive to the slightest of risks will usually institute several protective measures to prevent sensitive or confidential information from getting into the hands of unauthorized individuals to view or to use. Commonly seen invasive behavior that purposely violates confidentiality include: password phishing files, social engineering attacks, shoulder surfing, eavesdropping, and others. Outside of these, there are also non-invasive behavior that can lead to unauthorized individuals obtaining confidential/sensitive information, including human error, lack of oversight leading to mistakes, employee ineptitude, and so on.