It’s 2017 and almost everything in your daily life is tied into an online network of some sort. Going to the movies is no longer checking the newspaper to see what is playing, or calling Moviefone and asking for the showtimes near you. Now, we simply pull out our smartphones or computers and search “movie times near me”. This alone gives enough links to allow you to have everything but the popcorn purchased in a few clicks. With that being said the threat of having that payment information stolen is often overlooked or completely forgotten. That is exactly why cybersecurity is so important in today’s world. Luckily for us, there are people working hard on preventing this threat to a peaceful life.
CyberSecurity Access Control
The global cybersecurity market is expected to be worth nearly $200 billion dollars by 2020 according to this Forbes article. Let’s define cybersecurity with the help of TechTarget. “Cybersecurity is the body of technologies, processes, and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. In a computing context, security includes both cybersecurity and physical security.” Even with a multibillion-dollar industry cybersecurity is still something that needs to grow every day as hackers can always find a new way to obtain your information.
A large proponent to this is access control. It’s tough to hack anything if you can’t get in, so access control tries to ensure that no unauthorized parties can get into a system. There are tons of ways access control can be enforced, as shown on this all-inclusive access control wiki. Today, I will highlight a few of these controls and explain why they are important to cybersecurity. As with any good thing implemented in a company setting some planning needs to take place. So before laying out any access control or cybersecurity-related principals I recommend having a meeting to communicate and detail all of the policies that would essential for the situation at hand.
Types of Access Control
One way to set up access control is with Mandatory Access Control. This doesn’t give the user much if any, breathing room to determine who has access to their files. It is all predetermined with levels like what we see in the movies, top secret, confidential, etc. This is one way to achieve access control, but of course, there are more. Discretionary Access Control gives data owners the ability to control who has access to their data. In this method, we see the user getting more power over their own info which is a great thing in my opinion.
Another method would be Role-Based Access Control which would allow access based on things like a job title. Also, we have Rule-Based Access Control which gives access based on a predetermined rule. For example, access could be opened to all employees attending a meeting during the meetings’ timeframe even if they weren’t supposed to have access to the data normally.
All in all, access control is the gateway to cybersecurity as one cannot get into a system without going through some sort of access control process. To get into my MacBook you would at the very least need my password. This sort of logic is all it really takes to understand Access Control as it ties into cybersecurity!
Related CyberSecurity Blogs: