Magage your resources | Control Access

 Access control is a fundamental component of data security. Is compose by a security measures and tools that regulate who can access and/or use the resources in a system or network. Authentication and authorization are the bases of  of the access control.

 

By authentication, access control permit users to prove that are who are they claim and get access to the data or environment that they are allowed to. But just with the authentication layer the data still being vulnerable. Here is where the authorization comes over. This second layer gives or denies permissions to users to access to data to perform an action.

A good practice on control access is to stick to the “principle of least privilege”. This means users can only access the data or perform the actions they need to do their job.

Audit:

Even creating these security layers, issues may happen, rather for misconfiguration or for security violations. That's is why audit process are implemented. These processes gathers data about the activities in the systems to discover any issue and diagnose its cause. Analyse such amount of data can be very tedious. For this reason, audits are configured to just alert the system administrator if a suspicious event occurs.

By the audits, the network administrators can detect if a security breach is ongoing. They can check who has logged on the network, if any remote  or failed login has occurred, or if any change on the user privileges has been set up. Also, audits are a source of evidences when a security breach took place.