D. BlumRational Cybersecurity for Businesshttps://doi.org/10.1007/978-1-4842-5952-8_8

8. Control Access with Minimal Drag on the Business

Dan Blum¹

(1)

Silver Spring, MD, USA

Access control is required for most IT assets, and many of the access rules must be managed by nontechnical business users. The work of managing access controls (“access governance”) involves both identity and access management (IAM) and data protection disciplines such as information classification and data governance.

IAM and data governance are vital for reducing breach risk and complying with privacy-related regulations. IAM alone represents three of the control domains from Chapter 6’s list of 20 control domains. IAM is technically complex and highly ...

Get Rational Cybersecurity for Business: The Security Leaders' Guide to Business Alignment now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Rational Cybersecurity for Business: The Security Leaders' Guide to Business Alignment by Dan Blum

8. Control Access with Minimal Drag on the Business

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly