facebook linkedin twitter

Computerware Blog

Properly Assigning Access Control Measures Doesn’t Have to Be Difficult

Properly Assigning Access Control Measures Doesn’t Have to Be Difficult

Unless you run a business in which each and every employee is responsible for identical tasks, you are going to encounter the need for variable permissions among your staff so that your data can be better protected. One effective means of enforcing these permissions is through an access management policy. Let’s review a few components you should include in such a policy.

Permissions, Dictated by Roles

Consider the different responsibilities that different departments and positions within your business will be tasked with. Naturally, not everyone will need equal access to the same data, so why should you leave the possibility of data loss (intentional or accidental) open? Furthermore, why allow your employees to be tempted by unregulated access to sensitive data?

A role-based access management solution can help eliminate these challenges, without micromanaging each employee’s permissions. Instead of selecting permissions that apply to each employee, individually, you can create groups that enable access to roles that these employees fill. That way, editing these permissions becomes a much simpler task, and largely eliminates the chances of making a mistake in the process.

Only Providing Necessary Permissions

While on the subject of access control, you also need to really consider the extent of some of your users’ permissions--especially as far as interactions among different departments is concerned. While all managers are technically authority figures, and departments can share data needs, there are times that some data simply doesn’t need to be touched by certain users.

While you don’t want to give your users excessive access to data, it also wouldn’t help to excessively restrict their access. This is why you need to find the balance between the two options, and make use of the different options many of these solutions provide, like temporary permissions and the like. 

Reinforcing Defenses with Multi-Factor Authentication

In a perfect world (that for some reason still required security measures), passwords would be more than sufficient to prevent unauthorized access to an account. Sadly, cybercriminals still cause authentication to be a necessity, and possess the tools and resources to break past many of the passwords that business users will use, especially since these passwords aren’t often in line with best practices anyway. Dictionary words, number patterns, and other simple password tricks are commonly used to the disadvantage of an organization’s overall data security.

This is far from a new phenomenon. For 20 years during the Cold War era, the password for the entirety of the United States’ nuclear arsenal was the terrifyingly-simple “00000000.”

If nuclear bombs were once protected by this code, how likely do you think it is that your employees would resort to something similar?

While you should always encourage your users to come up with the most secure passwords possible, another effective approach comes in the form of using Two-Factor (or Multi-Factor) Authentication. Rather than allowing access once a password has been confirmed, 2FA/MFA demands an additional authentication method that tends to be more secure than the normal means, such as an additional code generated by an application, or perhaps a biometric indicator.

By putting methods like these to work for your success, you can ensure that your data is well-managed and secure, without unduly inconveniencing your workforce.

Computerware can help you put these methods into practice. Learn more by reaching out to us at (703) 821-8200.

Don’t Be Dumb About Smart Technology
There Are Some Serious Benefits of Backup


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, February 18, 2020

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Privacy Business Computing Internet Software Cloud Business Management Hackers Data Hardware Microsoft Workplace Tips Network Security Backup Managed Service Provider Business Hosted Solutions Productivity Email Malware IT Services Saving Money Efficiency Computer Productivity Google User Tips IT Support Small Business Smartphones Innovation Mobile Devices Data Backup Quick Tips VoIP Collaboration Business Continuity Network Gadgets IT Support Microsoft Office communications Android Upgrade Data Recovery Social Media Server Disaster Recovery Mobile Office Cybersecurity Communication Virtualization Smartphone Mobile Device Management Miscellaneous Phishing Ransomware Holiday Vendor Management Windows 10 Passwords Windows Tech Term Operating System Managed IT Services Unified Threat Management Remote Monitoring Apps Facebook Outsourced IT Internet of Things BDR Mobile Device Automation Remote Computing Managed IT services Apple Mobile Computing Data Management Analytics Users BYOD WiFi Windows 10 Artificial Intelligence The Internet of Things Marketing History Browser Cloud Computing Save Money Firewall App Big data Help Desk Alert IT Consultant Encryption Spam Office 365 Training Two-factor Authentication Bandwidth Business Technology Health Cybercrime Content Filtering Information Technology Going Green Hard Drives Bring Your Own Device Access Control Maintenance Printer Antivirus Gmail Managed IT Government Office Recovery Employer-Employee Relationship Retail Best Practice Lithium-ion Battery Cost Management Information Windows 8 Outlook Hiring/Firing Healthcare Budget Wireless Technology Computers Saving Time Windows 7 Tech Support Search VPN Virus Managed Service Data Loss Update Phone System iPhone Hacking Project Management Networking IBM Money Document Management Humor Customer Service It Management Travel Blockchain Education Avoiding Downtime Conferencing Data storage Risk Management Current Events Data Breach Password Value Legal Save Time Hacker Downtime Customer Relationship Management Regulations Augmented Reality PowerPoint SaaS Computing Running Cable Proactive IT File Sharing Administration Hard Drive Wireless Law Enforcement Applications Twitter Intranet Mobility Website Patch Management Solid State Drive Compliance Social Engineering Flexibility Scam Black Market Voice over Internet Protocol Cryptocurrency Word Monitoring Laptop Business Intelligence Private Cloud Cortana Business Growth Digital Payment Wi-Fi Excel Digital Telephony Websites Router Management Machine Learning Comparison Tablet Paperless Office Vulnerabilities Fax Server Telephone Systems Cooperation Software as a Service Company Culture Sports Computer Repair Vendor Disaster User End of Support Social Networking Hosted Solution Virtual Desktop Social Robot Data Security Securty Google Maps DDoS Storage Bluetooth Streaming Media Automobile Inbound Marketing Emails Chromebook Redundancy Smart Devices Computing Infrastructure Hack Pain Points Memory How To eWaste Google Docs Net Neutrality Meetings Evernote Co-managed IT Experience Chrome User Error Download Managed Services Provider Virtual Assistant Cleaning Monitors Office Tips Multi-factor Authentication Telephone Processors Start Menu Tech Terms Computer Accessories Microchip Taxes Lifestyle Distributed Denial of Service USB Managed IT Service Mobile Technology YouTube Presentation Gaming Console Unified Communications Settings Trending Public Cloud Licensing Uninterrupted Power Supply Mouse Specifications Safety Text Messaging Vulnerability Webcam Processor Bitcoin Programming Identity Theft Statistics IT service Network Congestion Documents Data Protection Distribution Entertainment Teamwork Heating/Cooling Politics Professional Services Virtual Reality Downloads GDPR Managing Risk Time Management Freedom of Information LiFi Analytic Telephone System PDF SQL Server Corporate Profile Recycling Mobile Security Trojan Assessment SharePoint Product Reviews Multi-Factor Security Organize Cost Scalability Adminstration Integration Pirating Information Software License Trends Motion Sickness Best Available Keyboard Tech Leadership Hypervisor Devices Messenger Tracking Domains Holidays Tip of the week Work/Life Balance Read Fraud Tactics Fileless Malware Hybrid Cloud Google Calendar Deep Learning Public Speaking Modem Strategy Touchscreen News Visible Light Communication Proxy Server Azure VoIP UTM Content Rental Service Consultation IT consulting Legislation Error Cabling Electronic Medical Records Transportation Knowledge Device Management IT Plan Enterprise Resource Planning Web Server Shortcut Term Business Managemenet Accountants Webinar A.I. Books Workers Troubleshooting Recording Optimization Content Management Communitications email scam Addiction Administrator Entrepreneur Directions Display Technology Tips Supercomputer HIPAA Upselling SSID How To Fake News Advertising Flash Environment Dark Web Free Resource Audit CIO Managed Services Data Warehousing Windows XP Wireless Headphones Worker Electronic Payment Health IT Employee/Employer Relationship Video Surveillance Staffing Google Wallet online Currency Migration Connected Devices Competition Processing Equifax Fleet Tracking Reading Samsung Business Owner Logistics Virtual Machines Emergency Hard Drive Disposal Society IT Assessment Network Management Saving ZTime Wasting Time Access Displays Employer Employee Relationship IP Address Cyber security Microsoft Excel G Suite Bookmark Computer Care Micrsooft LinkedIn Device security MSP Harddrive Google Play Telephone Service Google Drive Windows Server 2008 Nanotechnology Social Network Human Resources Employer/Employee Relationships Debate Drones Desktop Best Practives Finance Hacks Physical Security Application Skype Startup Asset Tracking Relocation Tablets GPS Microsoft 365 Archive Electronic Health Records Business Cards Service Level Agreement Banking Botnet Managing Costs Spyware Mobile Payment Username Medical IT Trend Micro Permissions Language Memes Unified Threat Management Backup and Disaster Recovery Microserver Sync External Harddrive Browsers Electricity Printing Security Cameras Threats Point of Contact Screen Reader Customer Resource management User Tip Proactive Maintenance Gamification Notifications CCTV Digital Signature switches Writing Smart Tech Reliable Computing 3D Solutions Ebay Music Piracy Get More Done Upload Business Metrics Computer Malfunction Navigation Thin CLient Virtual Machine cache Television HTML Printer Server eCommerce IT Fiber-Optic Database Turn Key In Internet of Things Smart Phones Data Analysis Employees WannaCry Upgrades Printers Managing Stress Regulation CrashOverride 3D Printing Capital Personal Information Productuvuty Financial Surveillance