Access Controls
Access controls are not necessarily authentication, but they do define who has access to the organization’s resources. Access controls are provided different ways. The most common mechanisms are tied to those offered by the varying operating systems or software that supports the enterprise. This means that access control policies are tied to the technology used to support the business environment.
Access control policies should focus on where to use access controls instead of specifying to use them. You should look at the specifics so that a broad policy statement does not have to be applied to something that does not require control. For example, access control policies that restrict access to organizational intelligence that ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access