CHAPTER 4

image

Access Controls

Introduction

In general terms, providing security means “freedom from risk and danger”. In the context of information security, it is securing against:

  • Access to information by unauthorized persons
  • Modification to information by unauthorized persons
  • Destruction of information by unauthorized persons

This means basically, any type of access to information needs to be protected. Whether the access is physical such as accessing CPUs, hard disks, or logical, as in accessing the system directly or remotely, access needs to be restricted and thus, information needs to be protected.

Access control is considered the most important ...

Get The InfoSec Handbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.