Organizations have two concerns surrounding access to data: They must limit access to data from outside the organization as well as control which people have access to what data within the organization. In this project, you will explain to management the difference between authentication, authorization, and access control, and suggest how to keep outsiders from getting in and keep insiders from getting data they shouldn’t.
This is the second of four sequential projects. During this project, you will research the models for authentication, authorization, and access control. You will also communicate the recommended solution to a nontechnical audience.
There are 13 steps in this project. Begin by reviewing the project scenario and then proceed to Step 1.
Competencies
Your work will be evaluated using the competencies listed below.
- 5.3: Support policy decisions with the application of specific cybersecurity technologies and standards.
- 6.2: Create an information security program and strategy, and maintain alignment of the two.
- 6.3: Integrate the human aspect of cybersecurity into an organization’s cybersecurity policy.
- 9.3: Risk Assessment: Assess policies, processes, and technologies that are used to create a balanced approach to identifying and assessing risks and to manage mitigation strategies that achieve the security needed.
0 comments