8.4. Enforcing Privilege Management
Privilege management involves making decisions about what information is accessed, how it's accessed, and who is authorized to access it. Unlike hardware access control, these concerns deal with policy and implementation issues. Additionally, the issue of auditing is a key factor: You should ensure that your organization doesn't provide more access or privileges than individuals need to do their work.
The following sections cover user and group roles, privilege escalation, single sign-on initiatives, auditing, and access control. Each of these considerations can be used to form an effective and coherent privilege management process. These processes allow users to gain access to the information they need, to ...
Get CompTIA Security+™: Study Guide, Fourth Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.