Difference between revisions of "Access Control"
(Created page with " {| style="margin-left: 0px; text-align: left; font-style: none; width:100%; font-weight: none; background: #F0F0F0; border:1px" |- | '''1.''' In general, only the authorized...") |
|||
| Line 3: | Line 3: | ||
|- | |- | ||
| '''1.''' In general, only the authorized personnel within an organization should be assigned user accounts with special privileges. Additionally, user accounts have to be managed effectively and the necessary level of access to the equipment should only be provided depending on your authorization level. | | '''1.''' In general, only the authorized personnel within an organization should be assigned user accounts with special privileges. Additionally, user accounts have to be managed effectively and the necessary level of access to the equipment should only be provided depending on your authorization level. | ||
| − | + | Related Term: | |
| − | Related Term: | ||
{{Bcm Institute Source}} | {{Bcm Institute Source}} | ||
|} | |} | ||
| + | |||
| + | | '''2.''' Access control refers to security features that control who can access resources in the operating system. Applications call access control functions to set who can access specific resources or control access to resources provided by the application. (Rouse, 2014) | ||
| + | |||
| + | | '''3.''' Access control is basically identifying a person doing a specific job, authenticating them by looking at their identification, then giving that person only the key to the door or computer that they need access to and nothing more. In the world of information security, one would look at this as granting an individual permission to get onto a network via a user-name and password, allowing them access to files, computers, or other hardware or software the person requires, and ensuring they have the right level of permission (i.e. read only) to do their job. (Gentry, 2012) | ||
{{Attend Course: BCMi Right}} {{BCM Institute A Manager's Guide to Business Continuity Management for Cyber Security Incident Response}} | {{Attend Course: BCMi Right}} {{BCM Institute A Manager's Guide to Business Continuity Management for Cyber Security Incident Response}} | ||
[[Category:BCM Institute Cyber Security Glossary]] | [[Category:BCM Institute Cyber Security Glossary]] | ||
Revision as of 08:02, 16 August 2017
| 1. In general, only the authorized personnel within an organization should be assigned user accounts with special privileges. Additionally, user accounts have to be managed effectively and the necessary level of access to the equipment should only be provided depending on your authorization level.
Related Term:
|
| 2. Access control refers to security features that control who can access resources in the operating system. Applications call access control functions to set who can access specific resources or control access to resources provided by the application. (Rouse, 2014)
| 3. Access control is basically identifying a person doing a specific job, authenticating them by looking at their identification, then giving that person only the key to the door or computer that they need access to and nothing more. In the world of information security, one would look at this as granting an individual permission to get onto a network via a user-name and password, allowing them access to files, computers, or other hardware or software the person requires, and ensuring they have the right level of permission (i.e. read only) to do their job. (Gentry, 2012)
