Security Controls for Account Management

Privilege management involves making decisions about what information is accessed, how it’s accessed, and who is authorized to access it. Unlike hardware access control, these concerns deal with policy and implementation issues. Additionally, the issue of auditing is a key factor: You should ensure that your organization doesn’t provide more access or privileges than individuals need to do their work.

The following sections cover user and group roles, auditing, and access control. Each of these considerations can be used to form an effective and coherent privilege management process. These processes allow users to gain access to the information they need, to be denied access to information they don’t need, ...

Get CompTIA® Security+™: Study Guide, Fifth Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.