Cyber Security Access Control In Organizations Term Paper

Open, View, and/or
Download this Document

Total Length: 1346 words ( 4 double-spaced pages)

Total Sources: 4

Page 1 of 4

Information Technology Access Control In OrganizationsIn most organizations, an access control policy is a set of rules that dictate certain people\'s access to specific resources. An access control policy is one of the essential security aspects an organization uses, and it\'s critical to have in place (Mohammed et al., 2018). It can also become cumbersome when writing multiple policies for every new risk type. Still, many tools are available that can help streamline the process and make it easier to manage.With these tools, you will create policies quickly and easily without sacrificing their quality or quantity. Additionally, many companies need employees with different permission levels depending on their job function, so not everyone should have an admin account, especially if they don\'t need it. Therefore, this paper looks at how this can be ensured without compromising security or efficiency.Access control lists (ACLs) can restrict access to objects. An ACL is typically implemented as part of a layer of security on top of authentication and encryption. Typical uses include preventing unauthorized users from accessing resources on a network, restricting access to data files, or allowing multiple users to share a resource (Sutro, 2020).ACLs can be divided into two areas: discretionary and mandatory enforcement. Discretionary ACLs are the most common type and allow users to determine what rights they want for each object they create. For example, if a file\'s owner wants to give their \"Group A\" read permissions but denies the write permissions, only list members are given the read permission.Discretionary ACLs can be implemented at the file system level or per user. In the former scenario, a file system may allow group A to read and write the file but deny group B. A user object could use those permissions while logged in (Sutro, 2020). Mandatory ACLs are the other type of compulsory enforcement but only allow users to assign their permissions.If a user wants to provide access to a folder or a file, they must explicitly grant access to another user or deny it for themselves. It is beneficial for high-security needs as it prevents someone with moderate access levels from accidentally granting themselves access to higher levels that they are not authorized for. In the 1970s, Vinton Cerf and Robert Kahn developed ACLs and access control.

Stuck Writing Your "Cyber Security Access Control In Organizations" Term Paper?

View All Our Example Cyber Security Access Control In Organizations Term Paper

Have A Custom Example Essay Written

In the 1980s, with security becoming a much more sensitive issue, RFC 1334 (Sutro, 2020) defined a new file system access control model.Access control lists use information about users (and other user principals) to identify whether or not they are allowed access to objects. The systems that implement an ACL model will have a list of users permitted access to various system components. There are three types of ACLs: discretionary,…

[…… parts of this paper are missing, click here to view the entire document ]

…to create a shared folder with permissions based on the user role. The second step would be to create an account with only read privileges over that folder. It will allow the departmental users of the organization to share documents without compromising your administrators.The organization can implement user-based security where they allocate permissions to each user. Managing those resources will make it easier when they give different sets of rights to different users. They should assign administrators the network and system admins on the home computer; the same goes for other accounts. This division can restrict users\' authority based on their account or group. An organization can revoke either an entire group\'s permissions or an individual account\'s access privileges by revoking their account access altogether (K., 2017). The security policies of the company should be documented. It will make it easier to manage documents and follow the same rules in an emergency.In conclusion, the access control policy has helped control security risks to the organization. An access control policy is an integral part of the security management process in an organization. A well-thought-out access control policy helps establish secure network architectures; its adoption ensures that all employees have appropriate security clearances. It ensures that information is only accessible to those who need it. It illustrates a wide variety of suitable security policies for different organizations and….....

Show More ⇣

     Open the full completed essay and source list


OR

     Order a one-of-a-kind custom essay on this topic


sample essay writing service

Cite This Resource:

Latest APA Format (6th edition)

Copy Reference
"Cyber Security Access Control In Organizations" (2022, April 23) Retrieved May 6, 2024, from
https://www.aceyourpaper.com/essays/cyber-security-access-control-organizations-2179754

Latest MLA Format (8th edition)

Copy Reference
"Cyber Security Access Control In Organizations" 23 April 2022. Web.6 May. 2024. <
https://www.aceyourpaper.com/essays/cyber-security-access-control-organizations-2179754>

Latest Chicago Format (16th edition)

Copy Reference
"Cyber Security Access Control In Organizations", 23 April 2022, Accessed.6 May. 2024,
https://www.aceyourpaper.com/essays/cyber-security-access-control-organizations-2179754
   

Open, View, and/or
Download this Document
order custom essay example