What Is Access Control?
Access control can be described as security technique that regulate who or what can view or use resources in a computing environment. It is a selective restriction to a place or resources; permission to access a resources is called Authorization.
In the field of physical and information security, controlling access to information system to guarantee authorized access is fundamental to information system security. There are common techniques or methods which an organization can adopt and develop to ensure secured information access to sensitive information.
Identification and Authentication
This involves proving one’s identity to gain access. A users provides a claimed identity known as credentials, to the system which confirms the authenticity before providing system access to the user.
In a typical open-system network environment, two things are achieved.
Firstly, the building block of computer security ensures Users accountability; which requires the linking of activities or trails on a computer system to specific individuals identified and authenticated by the system.
Secondly, the technical measure in place prevents unauthorized users or processes, which could be a high risk to an organization, from entering a computer system.
However, a business should watch out for;
- Weak authentication methods
- The potential for users to bypass the authentication methods
- Lack of confidentiality and integrity for stored authentication information
- lack of encryption for authentication information transmitted over a network.
Logon IDs and Passwords
This two-phase user identification and authentication process can be used to restrict access to a computer information such as transactions, programs and even the computer system itself. The computer validates all valid Users IDs and passwords before granting access; and identify the computer resources the user of the logon IDs can access and constitute the users authorization.
Other common techniques include;
- Token Devices, One-Time Password
- Data Encryption
- Digital Signature
- Biometrics Control
- Eye Recognition
- Facial Verification
- Vocal Identification or voice recognition
- Written Verification, etc.
- Logon IDs not used after a number of days should be automatically or manually deactivated to prevent possible misuse
- The system should automatically disconnect a logon session if no activity has occurred for a period of time, to avoid the risk of misuse of an active logon session. This is also referred to as Timeout.
- Ideally, passwords should be five (5) to eight (8) characters in length to prevent too easy to guess password
- Passwords should require a combination of at least three (3) of; alpha, numeric, upper and lower case and special characters.
- Passwords should not be identifiable with first name, last name, spouse name, pet’s name.
- The system should also not permit previous passwords to be used for at least a year after being changed,
Do You Need Accounting Help?
Consistent up to date and cleaning of accounting records for sound business decision making, may be posing some difficulties when you are preoccupied with other business functions. Is it time to consider independent professionals because of certain technical complications that could occur along the line? It could also be daunting, time-consuming procedures. Not recording correctly and poor monitoring can cause complications and confusion.
we @Fritznoble Consulting assist our clients on the best available options that suit their businesses...Reach out/ Outsource With Us… If Accounting works are bothering you, then it’s time you outsourced your accounting and bookkeeping requirements, this will help you concentrate more on other core activities of your business; with a team of professionals to help.
Social media Connections
Visit here, for more business tips.