Skip to main content

๐ŸŽ›๏ธ Access Controls

Access control is a selective restriction of access to data

Access controls are a way of identifying someone is who they say they are are and what information or data they are allowed to access and use within a company setting.

  • A security approach that governs who has access to, and can make use of certain resources
  • It also assists a business to reduce risk when it comes to handling sensitive data

Access controls can determine which services a user can access, such as:

  • Email
  • Software
  • Internet
  • Documents
  • Admin access

Control Measures#

Physical access#

You need something physical to get in. Physical protection systems are used to limit, or allow access to a specific area or strucure

Pros

  • Need something physical to get in, no risk of writing passwords down

Cons

  • Could get stolen
examples

- Biometrics (FaceID, Fingerprint)
- Locks (Keys, RFID cards)
- Doors

Remote access#

Remote access control monitors and controls access to a computer or network anywhere and anytime.

Pros

  • Allows you to work from anywhere and pick up where you left off

Cons

  • Though hard to do so, connection could get intercepted eventually
Examples

- VPN - Virtual Private Network- It allows people who work remotely, from home, to router their traffic securely through an online server that connects them to their company's network.
- VCN - Virtual Computer Network - Allows screen sharing to view and control the desktop of another comuter. This is usually carried out by using a VCN
- RDP - Remote Desktop Protocol - A Microsoft protocol used to achieve a remote connection, but there are also versions for other operating systems
- IPS - Internet Proxy Server - This provides a connection outside of a network or firewall. This is helpful when it comes to creating external connections

Permissions#

These are a set of rules that determine who has access to what parts of the system.

Permissios allow you to establish positions in your network, assign them to specific indiciduals or groups to allow them to do or view certain things

Pros:

  • People are only able to do what they need to do. No risk of them doing something unauthourised

Cons

  • Someone must set it up, and that can be time consuming if there are many people
Examples

- Write
- Read
- Edit
- Delete

Authentication#

This is a process where a system verifies te identity of a user who wishes to access the system, confirming that someone is who they claim to be.

The simplest form of this is the username and password method. This is a poor method. Stronger methods are required, and that is called Multi-Factor Authentication

Pros

  • Added level of secrity

Cons

  • Time consuming and frustraiting
  • The authentication method (phone, token) could be lost or stolen
examples

- 2FA
- Capcha

Test your knowledge ๐Ÿง