Infosec Management Fundamentals by Henry Dalziel

Author:Henry Dalziel
Language: eng
Format: epub
ISBN: 9780128041871
Publisher: Elsevier Inc.
Published: 2015-01-03T05:00:00+00:00

Chapter 8

Access Management

Access management deals with what resources people can get to, those resources they need in order to do their jobs.

Keywords

Active Directory; OpenLDAP

Access management deals with what resources people can get to, those resources they need in order to do their jobs. The first question you should ask is:

Does everyone have the access they need in order to do their jobs?

If someone starts a new job and they need to grant that person rights in Active Directory, a higher risk approach is to look at the most senior member of the company and say just copy his/her credentials. I say this is a higher risk, since it comes with a greater likelihood that you will potentially grant the new hire unnecessary access to systems that store sensitive data. If you provide people with the appropriate access they need in order to do their jobs, it’s unlikely they are going to have a need or desire to circumvent your access controls (i.e., ask someone to share his/her username and password), but you first need to understand what those access rights are.

Another question you should ask:

Can unmanaged devices attach to our network?

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.