Access control is a selective restriction of access to data
Access controls are a way of identifying someone is who they say they are are and what information or data they are allowed to access and use within a company setting.
- A security approach that governs who has access to, and can make use of certain resources
- It also assists a business to reduce risk when it comes to handling sensitive data
Access controls can determine which services a user can access, such as:
- Admin access
You need something physical to get in. Physical protection systems are used to limit, or allow access to a specific area or strucure
- Need something physical to get in, no risk of writing passwords down
- Could get stolen
- Biometrics (FaceID, Fingerprint)
- Locks (Keys, RFID cards)
Remote access control monitors and controls access to a computer or network anywhere and anytime.
- Allows you to work from anywhere and pick up where you left off
- Though hard to do so, connection could get intercepted eventually
- VPN -
Virtual Private Network- It allows people who work remotely, from home, to router their traffic securely through an online server that connects them to their company's network.
- VCN -
Virtual Computer Network - Allows screen sharing to view and control the desktop of another comuter. This is usually carried out by using a VCN
- RDP -
Remote Desktop Protocol - A Microsoft protocol used to achieve a remote connection, but there are also versions for other operating systems
- IPS -
Internet Proxy Server - This provides a connection outside of a network or firewall. This is helpful when it comes to creating external connections
These are a set of rules that determine who has access to what parts of the system.
Permissios allow you to establish positions in your network, assign them to specific indiciduals or groups to allow them to do or view certain things
- People are only able to do what they need to do. No risk of them doing something unauthourised
- Someone must set it up, and that can be time consuming if there are many people
This is a process where a system verifies te identity of a user who wishes to access the system, confirming that someone is who they claim to be.
The simplest form of this is the username and password method. This is a poor method. Stronger methods are required, and that is called
- Added level of secrity
- Time consuming and frustraiting
- The authentication method (phone, token) could be lost or stolen