๐๏ธ Access Controls
Access control is a selective restriction of access to data.
Access controls are a way of identifying someone is who they say they are are and what information or data they are allowed to access and use within a company setting.
- A security approach that governs who has access to, and can make use of certain resources
- It also assists a business to reduce risk when it comes to handling sensitive data
Access controls can determine which services a user can access, such as:
- Email
- Software
- Internet
- Documents
- Admin access
Explanation of each control measure:
Physical Accessโ
You need something physical to get in. Physical protection systems are used to limit, or allow access to a specific area or strucure
Prosโ
- Need something physical to get in, no risk of writing passwords down
Consโ
- Could get stolen
Examples
- Biometrics (FaceID, Fingerprint)
- Locks (Keys, RFID cards)
- Doors
Remote accessโ
Remote access control monitors and controls access to a computer or network anywhere and anytime.
Prosโ
- Allows you to work from anywhere and pick up where you left off
Consโ
- Though hard to do so, connection could get intercepted eventually
Examples
- VPN - Virtual Private Network - It allows people who work remotely, from home, to router their traffic securely through an online server that connects them to their company's network.
- VCN - Virtual Computer Network - Allows screen sharing to view and control the desktop of another comuter. This is usually carried out by using a VCN
- RDP - Remote Desktop Protocol - A Microsoft protocol used to achieve a remote connection, but there are also versions for other operating systems
- Internet Proxy Server - This provides a connection outside of a network or firewall. This is helpful when it comes to creating external connections
Permissionsโ
These are a set of rules that determine who has access to what parts of the system.
Permissios allow you to establish positions in your network, assign them to specific indiciduals or groups to allow them to do or view certain things
Prosโ
- People are only able to do what they need to do. No risk of them doing something unauthourised
Consโ
- Someone must set it up, and that can be time consuming if there are many people
Examples
- Write
- Read
- Edit
- Delete
Authenticationโ
This is a process where a system verifies te identity of a user who wishes to access the system, confirming that someone is who they claim to be
The simplest form of this is the username and password method. This is a poor method. Stronger methods are required, and that is called Multi-Factor Authentication
Prosโ
- Added level of security
Consโ
- Time consuming and frustraiting
- The authentication method (phone, token) could be lost or stolen
Examples
- 2FA
- Capcha