Multilayered Access Control Implementations

Implementing multiple layers in security is providing a defense-in-depth mechanism and, therefore, stronger protection for the network and users. Multiple layers provide multiple road blocks for a user and attacker. Having multiple controls in place before something can be accessed may be tiresome for a user; however, the goal is to have the same effect on an attacker. If an attacker is able to find a hole and access a company’s network, additional layers of security might stop the attacker from reaching other systems, applications, or sensitive data.

Creating layers within the network can be done physically by segmenting users and servers onto separate networks. This can also be done logically through ...

Get Access Control and Identity Management, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.