Access controls exist to keep the bad guys out and to keep the good guys honest.
Companies need to ensure that unauthorized access is not allowed and that
authorized users’ cannot make improper modifications. The controls exist in a
variety of forms, from passwords and ID badges to remote access authentication
protocols and security guards. The tricky part is that they must be incorporated
in a layered approach and that each layer needs to be understood, along with its
relationship to the other layers, to ensure that vulnerabilities are not overlooked
or introduced and that different controls do not step on each other’s toes.
No comments:
Post a Comment