CHAPTER 4
Access Controls
Introduction
In general terms, providing security means “freedom from risk and danger”. In the context of information security, it is securing against:
- Access to information by unauthorized persons
- Modification to information by unauthorized persons
- Destruction of information by unauthorized persons
This means basically, any type of access to information needs to be protected. Whether the access is physical such as accessing CPUs, hard disks, or logical, as in accessing the system directly or remotely, access needs to be restricted and thus, information needs to be protected.
Access control is considered the most important ...
Get The InfoSec Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.