I had a conversation earlier today about what really is the most important aspect of security. Is it to protect the PC from viruses, to encrypt all communication or to encrypt all hard drives? From listening to the marketing messages from different vendors it is hard to know. I would say that they are all important but the most important thing is access control. It is essential to know who has the right to access what during what circumstances, without that there is no security. In general people has to much access which is strange, even highly trusted employees do not usually get keys to the safe.
Here are things that you always should be able to determine before someone is granted access:
* Who the user is (strong authentication)?
* What device is used and how secure is it?
* Which access should the user have?
* Where is the user (on the inside or the outside)?
Everything is linked and a weak point will be breached, but with a strong control of access many things can be avoided.
One more thing, this has the effect that all applications have to be secured and locked indivually. There needs to be a lock in the door so to speak.
Subscribe to:
Post Comments (Atom)
1 comment:
I enjoyed reading the information posted in this article about security. The complete and accurate meaning of security is discussed in this article. I think its important for everyone to learn the complete meaning of security.
electronic signature
Post a Comment