facebook linkedin twitter

Computerware Blog

Best Practices to Control Your Access Control

Best Practices to Control Your Access Control

Over time, your business will accumulate a lot of data, including some that certain employees or departments will have no need to see (or perhaps shouldn’t see). An effective way of keeping eyes from wandering is through an access management policy. Let’s go over a few elements you ought to prioritize in your approach to controlling internal access.

Role-Based Permissions

Let’s say that you have a hypothetical business that employs 25 people, one of whom handles your human resources. So, while most of your employees are tending to your clients and customers, one of them is handling payroll and billing. Feel free to double-check my math, but that means that a grand total of one person needs access to your business’ financial information in order to fulfill their responsibilities. Why leave the option open for another employee to take a peek at these records, even if by mistake?

By using a role-based access management solution, you can help prevent this from occurring without devoting too much time to individually assigning permissions. Instead, permissions can be applied to work roles en masse. This way, all you have to do to rescind or assign new permissions to a user is to remove or add a role. This makes adjusting permissions much simpler, more efficient, and less likely to result in a mistake.

Limiting Permissions to the Functional Minimum

On a related note, you need to consider the extent of your role-based permissions, especially in an office where there are multiple departments. While managers may be an authority in the office, there isn’t very much reason that your HR manager would need to edit the data that your Fulfillment department generates - although there may be some resources that the two departments would need to share.

While you should avoid restricting your employees’ access to the point that they cannot do their jobs, you also need to protect your data by limiting them to just the data they need. Many solutions offer the ability to even grant temporary permissions, so that you don’t need to worry about forgetting to adjust a user’s permissions later.

Layering Protections with Multi-Factor Authentication

In theory, passwords should be enough to secure an account, but there are a few considerations that prevent this from being the case. First, cybercriminals aren’t manually typing in each guess they have. They instead leverage automated programs to rapidly try countless (by human standards) different combinations to make their way in. Secondly, it isn’t as though all users are creating passwords that are sufficiently secure, either.  Examples like the use of common dictionary words, simple-to-remember numerical codes, and other basic strategies have been in place for years to the detriment of business security.

There is some pretty considerable historical precedent, especially where lax password preferences are concerned. The entirety of the United States’ nuclear arsenal was defended by a passcode for 20 years that shows just how likely it is that your users will cut corners:


So, it isn’t an unfair assumption that your business data may not be as well-protected as it ought to be.

This is where Multi-Factor/Two-Factor Authentication (MFA/2FA) comes into the picture. Rather than just providing a credential that you know, you’ll have to go another step and provide additional proof of your identity (as you confirm through your username and first authenticate with your password). This additional proof of your identity forces you to utilize some other method of authentication--one that a cybercriminal typically finds difficult to intercept or duplicate--to confirm that you are who you claim to be.

This secondary authentication can come in many forms - whether it is an additional code delivered to you on demand via an app, a physical dongle that you insert into the device you are trying to access, or some biometric identifier.

Taking these methods into consideration, you actually have many options to help keep your data secure, while still accessible to those who need to use it.

For help in implementing any of these methods, lean on the professionals at Computerware. Give us a call at (703) 821-8200 to learn more.

How a Mobile Device Policy Can Benefit Your Busine...
Collaboration Is a Big Deal for Businesses


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, August 04, 2020

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cwit.com/

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Business Computing Privacy Internet Cloud Software Data Business Management Hackers Hardware Workplace Tips Microsoft Network Security Backup Productivity Hosted Solutions Managed Service Provider Business Productivity Email Malware IT Services Saving Money Efficiency Google Small Business Computer User Tips Innovation Collaboration IT Support VoIP IT Support Quick Tips Data Backup Smartphones Network communications Mobile Devices Business Continuity Microsoft Office Disaster Recovery Data Recovery Gadgets Social Media Android Cybersecurity Upgrade Communication Mobile Office Server Phishing Smartphone Virtualization Mobile Device Management Miscellaneous Vendor Management Holiday Ransomware Windows 10 Operating System Users Managed IT Services Windows Mobile Device Outsourced IT Passwords Apps Tech Term Unified Threat Management Internet of Things Remote Monitoring Facebook Automation BDR BYOD Remote Computing Apple Data Management Analytics Mobile Computing Managed IT services WiFi Windows 10 The Internet of Things Cloud Computing Artificial Intelligence Training Marketing History Business Technology Firewall Browser Save Money Encryption App Alert Help Desk Big data Spam Managed Service Information Technology Health Office 365 IT Consultant Budget Office Two-factor Authentication Bandwidth Maintenance Windows 7 Printer Hard Drives Content Filtering Going Green VPN Gmail Bring Your Own Device Government Antivirus Managed IT Cybercrime Access Control Hiring/Firing Tech Support Virus Cost Management Best Practice Saving Time Lithium-ion Battery Computers Information Windows 8 Wireless Technology Healthcare Outlook Recovery Search Employer-Employee Relationship Retail Money Humor Remote Work It Management Data Security Document Management Hacking Covid-19 Blockchain iPhone Networking Data Loss Travel Phone System IBM Education Computing Customer Service Project Management Augmented Reality Update Hard Drive Applications Password Avoiding Downtime Value Mobility Legal Hacker Patch Management Conferencing Computer Repair Running Cable Proactive IT Regulations Twitter Vendor Data Breach Intranet Current Events Customer Relationship Management SaaS Wi-Fi PowerPoint Wireless Risk Management Law Enforcement Storage Website Compliance Administration Solid State Drive Data storage Save Time File Sharing Voice over Internet Protocol Downtime Flexibility Cryptocurrency Comparison Tablet Laptop Google Maps Cortana Business Growth Company Culture Social Engineering Social Networking Scam Paperless Office Meetings Cooperation Excel Monitoring Sports Private Cloud User Disaster Virtual Desktop Hosted Solution Telephony Management End of Support Social Digital Websites Robot Machine Learning Securty DDoS Vulnerabilities Telephone Systems Net Neutrality Software as a Service Business Intelligence Fax Server Digital Payment Black Market Router Word Notifications Bitcoin eWaste Computer Accessories Managed Services Provider Inbound Marketing Distribution Google Docs Data Protection Memory Trending Experience Politics Virtual Reality Emails How To Monitors Automobile Downloads Mouse Cleaning Managed Services Cost Office Tips Processors Employee/Employer Relationship Pain Points Chromebook Managed IT Service Statistics Programming Computing Infrastructure Hack USB Presentation Redundancy Network Congestion YouTube How To Unified Communications Settings Download Processor Evernote Specifications Smart Devices Safety Co-managed IT Virtual Assistant Streaming Media User Error Multi-factor Authentication Telephone Documents Video Conferencing Gaming Console Microchip Taxes Entertainment Start Menu Tech Terms Solutions IT service Distributed Denial of Service Teamwork Heating/Cooling Professional Services Webcam Mobile Technology Text Messaging Lifestyle Public Cloud Licensing Chrome Uninterrupted Power Supply Integration Bluetooth Vulnerability Identity Theft CCTV Public Speaking Modem Smart Phones Strategy Screen Reader Customer Resource management Deep Learning Electricity Proxy Server Printing Azure Gamification online Currency Work/Life Balance Term Smart Tech Microserver Reliable Computing Electronic Health Records Electronic Medical Records Transportation Piracy Upload Visible Light Communication Business Metrics Computer Malfunction Shortcut Financial Data Display Adminstration Pirating Information HTML LinkedIn Troubleshooting Memes Recording Optimization Leadership Fiber-Optic Database IT consulting In Internet of Things Entrepreneur cache Directions Television HIPAA SSID Telephone System Get More Done Environment Managing IT Services WannaCry Dark Web Free Resource Mobile Security Time Management Processing Freedom of Information Multi-Factor Security Skype CIO Turn Key Scalability Electronic Payment Surveillance Corporate Profile Health IT Software License Trends Archive Advertising Flash Printer Server Motion Sickness Competition Telework Assessment SharePoint Wasting Time Devices Staffing Google Wallet Messenger Tracking Business Owner IT Logistics Virtual Machines Fraud Tactics Windows XP Trojan Remote Workers Society Organize Rental Service IP Address Tip of the week Cyber security Point of Contact Displays Virtual Private Network Bookmark Google Calendar UTM Content Application FinTech Touchscreen Google Play News Telephone Service Legislation Error Micrsooft Cabling Development Human Resources VoIP Employer/Employee Relationships Upselling IT Plan Enterprise Resource Planning Web Server Consultation Managing Costs Video Surveillance Accountants A.I. Drones Books Workers Knowledge Microsoft 365 email scam Addiction Administrator Data Storage Supercomputer Medical IT Trend Micro Saving ZTime Analytic Procurement Browsers Technology Tips Recycling Digital Signature Organization Security Cameras Fake News Threats Wireless Headphones Product Reviews Worker User Tip Audit Proactive Maintenance Migration Connected Devices Permissions Language Webinar Navigation Data Warehousing Virtual Machine Debate Equifax Fleet Tracking Reading Samsung Communitications Harddrive Network Management Read PCI DSS Music Employer Employee Relationship Emergency Hard Drive Disposal eCommerce switches Writing G Suite Supply Chain Management Access Data Analysis Employees GPS Device security MSP Physical Security GDPR External Harddrive Microsoft Excel Managing Risk Nanotechnology Social Network Upgrades PDF Internet Service Provider Printers Computer Care SQL Server Desktop Finance Device Management Hacks Google Drive Tech Windows Server 2008 Hypervisor Startup Asset Tracking Business Managemenet Relocation Tablets IT Assessment Business Cards Service Level Agreement Content Management LiFi Banking Botnet Best Available Keyboard Regulations Compliance Ebay Username Domains Holidays Thin CLient Unified Threat Management Backup and Disaster Recovery Best Practives Sync Remote Working Spyware Fileless Malware Mobile Payment Hybrid Cloud 3D 3D Printing Managing Stress Regulation CrashOverride Personal Information Financial Capital Productuvuty