Need a perfect paper? Place your first order and save 5% with this code:   SAVE5NOW
HomeScience › Essay on Access Control

Essay on Access Control

Introduction

Access control is part of our day-to-day activities and also a crucial tool for IT and data specialists in a firm. These controls allow certain employees in an organization to gain accessibility to a certain application or system. Through this, the company will be able to attain the best network and system security standards while still being in-line with the various regulations and practices set for the industry (Eden, 2002). For example, any employee can access the system files to view various marketing clients on the top list while only employees in the finance department can access details pertaining to the top clients regarding their investments, queries, finance bloc etc. Moreover, the firm is able to retain client confidentiality and privacy by ensuring all employees understand the data and network security guidelines and regulations that must be upheld (. Previously Castillo’s Consultation Company expanded its network and infrastructure whereby their system needed better access control methods to be established since they were using a shared network.

Access Control Methods for Various Systems

Access control has been used by the company to protect its resources from unauthorized access by an individual or a group of individuals. In light of this, Castillo company has engaged the use of authorization in rooms requiring authorized access. Through a knowledge management system, the IT specialists have specific individuals on the authorization file with all the security access to server rooms, security footage room and also the company’s network tunnel. The company is then able to ensure that all the company data and sensitive confidential information is in safe hands with only few individuals having access to such information (Collins, 2013). Also, various security standards have been set to ensure that the user being granted access is the right user. For example, the company has constructed a new cybersecurity office which requires biometrics to access for authorized employees. The firm has provided physical access control methods to employees by issuing ID badges that grant them access to those rooms and also by using a fingerprint scanner to ensure that the information on the badge matches the fingerprint of that individual (Bertino & Samarati, 1993). Therefore, in case of a breach, the security log can be checked to see who accessed the system, what time did they access and what applications did they access.

The company has also used the new employee management system to ensure that all the new users in the system are authorized by the administration department, and by also being provided with new user access credentials that give them access to the needed functionalities of the employee only (Rosenthal & Blaustein, 2009). For example, through the administrative access control method, all employees engaged in using the company’s network and system have to be first issued with authorization by the administrative department, whereby the administration has been given the privileges to sign in new employees to the system while also eliminating employees who left or revoking access for employees on leave. In instances that require overall access since the network is shared, the company, for example, has to give all employees full access on the company’s website and file sharing protocols by limiting the ranges of IP address being able to access the network and by also limiting the number of new users being able to access the network, so as to allow for a narrow gap of investigations in case of a data breach (Tellabi & Ruland, 2018). This will be possible by engaging a technical control access method on the company’s systems network and applications.

Ways of Protecting the New Expanded Network

Network security is one of the most important aspects of a company and also an emerging trend in network security in this era. By recognizing this fact, Castillo company has used its IT specialists to ensure that the new expanded network is accorded the highest security standards in order to ensure that all the sensitive, crucial and confidential data and information is kept safe from unauthorized access by unwanted individuals. The company has therefore used DHCP in their system to help them configure the IP addresses that are authorized to be handled by that specific network (Lockhart, 2006). This makes the network more secure as it will limit the number of IPs that have been assigned a configuration protocol. The company has also encrypted passwords on the network by using Wi-Fi Protected Access on the network router in an aim to ensure that the company employees use a reliable and well encrypted network (Dowling, 2012). Moreover, with the high increase in clients and customers in the company, the management has been able to use the web application firewall to protect sensitive information on clients purchases and dealings with the company. In doing this, the company aims at ensuring that they protect its network line so as to facilitate strong security protocols and standards that satisfy both the company’s stakeholders and clients.

SSO and VPN Technologies

Single sign-on technology is a type of technology that uses different application login platforms into one. This technology allows a user to enter login requirements one at a time in a single page to access all the resources they need. This eliminates the need to enter login credentials for individual applications and systems. This will then allow users to sign in only once and the login credentials entered are communicated to other applications and systems (Hu & Chen, 2010). However, this tool cannot be used in the company as it will enable the sharing of personal login credentials to other systems and applications which will minimize the confidentiality of sensitive data and information. Moreover, the company has a system whereby all new users in the network are issued with special login information.

The VPN technology is in place as an access control mechanism that encrypts connections over the internet connectivity to establish the safe transmission of confidential data. This allows a user to conduct their work remotely without other people in the network traffic eavesdropping on their transactions (Berger, 2006). In this instance, it is hard for the company to engage in using VPN technology since they are using a shared network which will make it hard for this perspective to be employed. Moreover, some VPNs that allow the setting of the private network between multiple offices are limited. Some which allow the VPN to be set on the router so that the router can act as a central point, may not be applicable in this company as it is expanding its infrastructure and resources, therefore the employees are connected to more than one router but all on the same network tunnel.

References

Berger, T. (2006, April). Analysis of current VPN technologies. In First International Conference on Availability, Reliability and Security (ARES’06) (pp. 8-pp). IEEE.

Bertino, E., Jajodia, S., & Samarati, P. (1993). Access controls in object-oriented database systems—Some approaches and issues. In Advanced Database Systems (pp. 17-44). Springer, Berlin, Heidelberg.

Collins, L. (2013). Access Controls. In Computer and Information Security Handbook (pp. 1015-1021). Morgan Kaufmann.

Dowling, M. (2012). Enabling remote working: protecting the network. Network Security2012(3), 18-20.

Eden, B. (2002). Security Transformation: Digital Defense Strategies to Protect Your Company’s Reputation and Market Share. The Bottom Line.

Hu, J., Sun, Q., & Chen, H. (2010, October). Application of Single sign-on (SSO) in Digital Campus. In 2010 3rd IEEE International Conference on Broadband Network and Multimedia Technology (IC-BNMT) (pp. 725-727). IEEE.

Lockhart, A. (2006). Network Security Hacks: Tips & Tools for Protecting Your Privacy. ” O’Reilly Media, Inc.”.

Rosenthal, A., Seligman, L., Chapman, A., & Blaustein, B. (2009). Scalable access controls for lineage. MITRE CORP BEDFORD MA BEDFORD United States.

Tellabi, A., Sassmanhausen, J., Bajramovic, E., & Ruland, K. C. (2018, July). Overview of Authentication and Access Controls for I&C systems. In 2018 IEEE 16th International Conference on Industrial Informatics (INDIN) (pp. 882-889). IEEE.

 

Don't have time to write this essay on your own?
Use our essay writing service and save your time. We guarantee high quality, on-time delivery and 100% confidentiality. All our papers are written from scratch according to your instructions and are plagiarism free.
Place an order

Cite This Work

To export a reference to this article please select a referencing style below:

APA
MLA
Harvard
Vancouver
Chicago
ASA
IEEE
AMA
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard
Copy to clipboard

Related Essays

Spirituality in treating critically ill patients

I. Spirituality in treating Patients in Critical conditions Ethics refers to a set of moral principles that govern well established standards of right and wrong that dictate things that people should do. When making medical and health care decisions, ethics plays a major role in the application of non-maleficence, beneficence, health maximization, efficiency, respect for ... Read More
Pages: 6       Words: 1467

Project Comparing State Policies on Sexually Transmitted Diseases

Introduction Numerous sexually transmitted diseases affect people. The majority of the population is often concerned with the transmission of HIV/AIDs. Young people in the United States have marked the highest rates of sexually transmitted diseases and unwanted pregnancies in the last few years. Practicing safe sex is important in maintaining good health among the population. ... Read More
Pages: 14       Words: 3592

Pandas and Why They Are Endangered

There are two known species of Pandas today: the Red Panda and the Giant Panda. Despite them sharing a name, the two pandas are not related. The red Panda has a characteristic rusty shade and is relatively smaller than the other species. The scientific name of this animal is Ailurus fulgens (Akshay). Despite their bear-like appearance, the ... Read More
Pages: 7       Words: 1766

What Questions and Considerations Can We Raise About the Technology, Ethically or Otherwise? (ChatGPT)

With innovations like the development of artificial intelligence (AI) technologies like ChatGPT, the field of artificial intelligence has advanced significantly in recent years. Although these technologies have much to give in terms of potential advantages, they also bring up significant ethical considerations. We must critically consider the ethical implications of ChatGPT and other AI systems ... Read More
Pages: 5       Words: 1358

Social Media Campaign to Prevent and Reduce Substance Abuse in Dallas, Texas

Introduction Dallas in Texas is among the common rampant drug users in the U.S. In order to address this problem, community health nurses can utilize the reach of social media to create powerful methods for prevention and intervention. Throughout this study, a social media initiative designed to curb drug usage among Dallas’s youth. The campaign uses ... Read More
Pages: 22       Words: 6011

Advances in Diagnosis and Management of G6PD Deficiency: Challenges and Future Directions

Abstract Millions worldwide are afflicted with the genetic condition G6PD deficiency, connected to the X chromosome. This paper examines and assesses diagnostic approaches, management and therapy plans, problems, and potential future research areas in G6PD deficiency. Enzyme assays, molecular techniques, education and awareness campaigns, supportive care, genetic counseling, novel medicines, and current barriers will be ... Read More
Pages: 7       Words: 1736
Need a plagiarism free essay written by an educator?
Order it today

Popular Essay Topics