facebook linkedin twitter

Computerware Blog

Best Practices to Control Your Access Control

Best Practices to Control Your Access Control

Over time, your business will accumulate a lot of data, including some that certain employees or departments will have no need to see (or perhaps shouldn’t see). An effective way of keeping eyes from wandering is through an access management policy. Let’s go over a few elements you ought to prioritize in your approach to controlling internal access.

Role-Based Permissions

Let’s say that you have a hypothetical business that employs 25 people, one of whom handles your human resources. So, while most of your employees are tending to your clients and customers, one of them is handling payroll and billing. Feel free to double-check my math, but that means that a grand total of one person needs access to your business’ financial information in order to fulfill their responsibilities. Why leave the option open for another employee to take a peek at these records, even if by mistake?

By using a role-based access management solution, you can help prevent this from occurring without devoting too much time to individually assigning permissions. Instead, permissions can be applied to work roles en masse. This way, all you have to do to rescind or assign new permissions to a user is to remove or add a role. This makes adjusting permissions much simpler, more efficient, and less likely to result in a mistake.

Limiting Permissions to the Functional Minimum

On a related note, you need to consider the extent of your role-based permissions, especially in an office where there are multiple departments. While managers may be an authority in the office, there isn’t very much reason that your HR manager would need to edit the data that your Fulfillment department generates - although there may be some resources that the two departments would need to share.

While you should avoid restricting your employees’ access to the point that they cannot do their jobs, you also need to protect your data by limiting them to just the data they need. Many solutions offer the ability to even grant temporary permissions, so that you don’t need to worry about forgetting to adjust a user’s permissions later.

Layering Protections with Multi-Factor Authentication

In theory, passwords should be enough to secure an account, but there are a few considerations that prevent this from being the case. First, cybercriminals aren’t manually typing in each guess they have. They instead leverage automated programs to rapidly try countless (by human standards) different combinations to make their way in. Secondly, it isn’t as though all users are creating passwords that are sufficiently secure, either.  Examples like the use of common dictionary words, simple-to-remember numerical codes, and other basic strategies have been in place for years to the detriment of business security.

There is some pretty considerable historical precedent, especially where lax password preferences are concerned. The entirety of the United States’ nuclear arsenal was defended by a passcode for 20 years that shows just how likely it is that your users will cut corners:

“00000000”

So, it isn’t an unfair assumption that your business data may not be as well-protected as it ought to be.

This is where Multi-Factor/Two-Factor Authentication (MFA/2FA) comes into the picture. Rather than just providing a credential that you know, you’ll have to go another step and provide additional proof of your identity (as you confirm through your username and first authenticate with your password). This additional proof of your identity forces you to utilize some other method of authentication--one that a cybercriminal typically finds difficult to intercept or duplicate--to confirm that you are who you claim to be.

This secondary authentication can come in many forms - whether it is an additional code delivered to you on demand via an app, a physical dongle that you insert into the device you are trying to access, or some biometric identifier.

Taking these methods into consideration, you actually have many options to help keep your data secure, while still accessible to those who need to use it.

For help in implementing any of these methods, lean on the professionals at Computerware. Give us a call at (703) 821-8200 to learn more.

How a Mobile Device Policy Can Benefit Your Busine...
Collaboration Is a Big Deal for Businesses
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, January 24, 2021

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cwit.com/

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Business Computing Privacy Software Internet Cloud Data Hackers Business Management Workplace Tips Hardware Network Security Microsoft Productivity Backup Business Hosted Solutions Email Managed Service Provider Productivity IT Services Malware Saving Money Efficiency Innovation Google Small Business Collaboration User Tips Computer IT Support VoIP Data Backup Quick Tips Smartphones IT Support Network Data Recovery Mobile Devices communications Android Microsoft Office Business Continuity Disaster Recovery Gadgets Cybersecurity Communication Smartphone Phishing Social Media Upgrade Mobile Office Server Virtualization Mobile Device Miscellaneous Mobile Device Management Ransomware Users Managed IT Services Windows Passwords Holiday Operating System BDR Vendor Management Apps Outsourced IT Internet of Things Windows 10 Tech Term Automation Facebook Unified Threat Management Remote Monitoring BYOD Remote Computing Apple Mobile Computing Managed IT services Covid-19 WiFi Analytics Data Management Windows 10 Training History Marketing Managed Service Artificial Intelligence Browser Save Money Cloud Computing Spam The Internet of Things Help Desk Firewall Business Technology Alert Bandwidth App Big data Encryption Health Budget Two-factor Authentication Office Information Technology IT Consultant Office 365 VPN Gmail Government Maintenance Managed IT Access Control Printer Content Filtering Cybercrime Going Green Information Windows 7 Blockchain Networking Wi-Fi Bring Your Own Device Hard Drives Antivirus Search Computers Saving Time Outlook Windows 8 Recovery Employer-Employee Relationship Best Practice Virus Lithium-ion Battery Tech Support Remote Work Retail Cost Management Healthcare Document Management Hiring/Firing Wireless Technology Computing Project Management Travel Customer Service Conferencing Education Avoiding Downtime Humor iPhone Update Storage Risk Management Data Security It Management IBM Hacking Patch Management Augmented Reality Money Phone System Data Loss Vendor Applications SaaS End of Support Twitter Intranet Law Enforcement Wireless File Sharing Voice over Internet Protocol Hard Drive Compliance Solid State Drive Website Data storage Mobility Flexibility Laptop Save Time Password Meetings Router Downtime Value Customer Relationship Management Legal PowerPoint Hacker Regulations Current Events Computer Repair Running Cable Proactive IT Remote Data Breach Administration Disaster User Hosted Solution Employees Virtual Desktop Digital Fax Server Robot Social Websites Securty DDoS Google Maps Software as a Service Monitoring Black Market Social Engineering Net Neutrality Business Intelligence Word Excel Chrome Cryptocurrency Management Employee/Employer Relationship Digital Payment Business Growth Cortana Vulnerabilities Cooperation Private Cloud Comparison Tablet Scam Telephony Company Culture Machine Learning Paperless Office Social Networking Sports Telephone Systems Smart Devices Programming Solutions Evernote Statistics Specifications Safety Virtual Assistant Network Congestion Professional Services eCommerce Public Cloud Licensing Distribution Lifestyle Video Conferencing Documents Start Menu Tech Terms Inbound Marketing IT service Integration Identity Theft Entertainment Notifications Streaming Media Teamwork Heating/Cooling Holidays Mobile Technology Cost Uninterrupted Power Supply Managed Services Provider Politics Bluetooth Virtual Reality Pain Points Display Vulnerability Emails Automobile Chromebook Bitcoin How To Google Docs eWaste Data Protection Managed Services Multi-factor Authentication Memory Computing Infrastructure Hack Telephone Experience Managed IT Service How To Download Monitors Downloads Computer Accessories Cleaning Office Tips Time Management Gaming Console Processor Processors Trending Redundancy Microchip Taxes Text Messaging User Error YouTube USB Webcam Mouse Co-managed IT Unified Communications Settings Presentation Distributed Denial of Service Screen Reader Customer Resource management Drones Navigation Virtual Machine Human Resources Knowledge Employer Employee Relationship Data Storage Gamification Application Consultation G Suite Data Analysis Hacks Physical Security 3D Ebay Point of Contact Procurement Piracy Upload Technology Tips Thin CLient Reviews Smart Tech Fiber-Optic Database GDPR Managing Risk Audit Relocation Smart Phones Tablets Organization HTML Permissions Language Printers SQL Server Banking Fake News Botnet Communitications Telephone System Tech Hypervisor PCI DSS Mobile Security Digital Signature Data Warehousing Sync Music Fileless Malware Hybrid Cloud Emergency Hard Drive Disposal CCTV Adminstration Pirating Information Analytic Best Practives Supply Chain Management Software License Trends switches Writing Access Leadership Recycling Shopping Multi-Factor Security Microsoft Excel Computer Malfunction Product Reviews Internet Service Provider Fraud Tactics Upgrades Modem Strategy Computer Care Reliable Computing AI Devices Proxy Server Azure Business Metrics Microserver IT Assessment Term PDF Read Regulations Compliance UTM Content LiFi Electronic Medical Records Transportation Google Drive Windows Server 2008 In Internet of Things Error Directions Remote Working IT Plan Enterprise Resource Planning Best Available Recording Keyboard Spyware Optimization Mobile Payment Gig Economy Legislation Motion Sickness Get More Done email scam Addiction Deep Learning SSID Electricity Printing Scalability Device Management Supply Chains Accountants A.I. Work/Life Balance Dark Web Free Resource Domains Business Managemenet Turn Key Electronic Health Records Processing Messenger Tracking Content Management Printer Server Financial Data Visible Light Communication Health IT Public Speaking Upselling Wireless Headphones Wasting Time Rental Service Video Surveillance Trojan Migration Connected Devices IT consulting Logistics Shortcut cache Virtual Machines Television Memes Smartwatch Troubleshooting Web Server Managing IT Services Network Management Entrepreneur WannaCry Cyber security Cabling Saving ZTime online Currency Organize 2FA Equifax Fleet Tracking Bookmark Surveillance CIO Google Play Environment Corporate Profile Telephone Service Books Workers Telework Device security MSP Advertising Flash HIPAA Employer/Employee Relationships Freedom of Information Administrator Nanotechnology Social Network Staffing Google Wallet Electronic Payment Managing Costs Supercomputer Debate Remote Workers Desktop Finance Windows XP Microsoft 365 Competition Assessment SharePoint Harddrive LinkedIn IT Browsers Business Owner Tip of the week GPS Virtual Private Network Business Cards Service Level Agreement Displays Medical IT Trend Micro Google Calendar Worker Startup Asset Tracking Society Skype Development Unified Threat Management Backup and Disaster Recovery Micrsooft Security Cameras VoIP Threats Reading External Harddrive Samsung Archive Webinar FinTech Username User Tip Proactive Maintenance IP Address Touchscreen News Capital Managing Stress Productuvuty Regulation 3D Printing Personal Information CES Financial CrashOverride

toner1