Multimedia Architects and Associates
Autor: Tim • February 2, 2018 • 955 Words (4 Pages) • 504 Views
...
Access control is a term mainly used in both physical and information security fields. It is a selective restriction to access a resource or a place. To access means to consume, enter or even using a resource. Authorization is the permission given to access a resource. It is a security feature that controls who can or cannot access the resource of the operating system, and what can be accessed. One of the technologies used in controlling the access of resources is the CS-level security. System administrators should do an audit of security events more often; this should be limited to system administrators’ only, not every user. Users should have an identification password when logging on the system, this helps to identify user activities and performances. Finally these techniques suggest the system to be protected from any external interference such as changing how the system runs or the storage of system files (Whitman and Mattord, 2012).
Additional strategies can be implemented related to both physical and digital spaces. While no single technology can be considered fail safe, a combination of multiple technologies should reduce the exposure the organization has to breach. Physical space restrictive technologies can include solutions such as access ID cards, biometric scanning, and passcodes. Depending on the area being secured, an organization may choose one (or multiple) solutions to protect property. With relation to securing network access, two-factor authentication over VPN tunnels can be considered one of the more commonplace strategies. This requires knowledge of both a static pin and access to the token (hardware or software based) to gain entry. Finally, simple software technologies built into domain management solutions like Active Directory can help establish access to certain file shares within a network. Ultimately, maximizing access control strategies will incorporate most, if not all, tools to reduce the threat of unauthorized access.
---------------------------------------------------------------
References
Shackleford, D. (2015). Real-Time Adaptive Security. SANS Institute. Retrieved from http://www.sans.org/reading-room/whitepapers/analyst/real-time-adaptive-security-34740
Symantec. (2010). What is a zero-day vulnerability?. Retrieved from http://www.symantec.com/connect/blogs/java-zero-day-vulnerability-used-limited-attacks
Whitman, E. M., & Mattord, J. H. (2012). Principles of Information Security. Boston, MA: Course Technology.
...