This website uses cookies to ensure you have the best experience. Learn more

Access Control Methods For Companies Essay

614 words - 3 pages


1. Shovels and Shingles is a small construction company consisting of 12 computers that have Internet access.
For this scenario, I would implement Discretionary/Software controls. With software controls you can determine who has the appropriate permissions to access the 12 computers and with Discretionary Access Control (DAC) allows each user to control access to their own data. DAC is typically the default access control mechanism for most desktop operating systems. Which is appropriate for the company because they are desktop dependant. This allows for enforcement of a good security policy.

2. Top Ads is a small advertising company consisting of 12 computers that have Internet Access. All employees communicate using smart phones.
For this scenario I would implement Role Based/ Software controls. With software controls you can determine who has the appropriate permissions to access the 12 computers as well as the smartphones ...view middle of the document...

Also Physical controls to protect the room the servers will be placed in. Mandadory Access Control would be the other Access Control to be used. Mandatory Access Control secures information by assigning security levels to information and security clearances to users. The data’s security level indicates its sensitivity. All users have access to only the data for which they have a clearance. This allows for enforcement of a good security policy.

4. Backordered Parts is a defense contractor that builds communications parts for the military. All employees communicate using smartphones and email.
I would apply Physical controls to protect the parts as well as Software controls for the smartphone and email use. Again I would also use Mandatory Access Control With MAC, policy rules describe the circumstances in which access is allowed, and the operating system imposes these rules. These Policies can be written to restrict access in many ways, such as limiting access to information based on the time of day . Also, users can write to a higher classification, read from a lower classification, and read and write objects of the same classification. Administrators, not resource owners, generally set and change the resource’s security level MAC is suitable for extremely secure systems, such as multilevel secure military applications and mission critical data applications.

5. Confidential Services Inc. is a military-support branch consisting of 14,000,000 computers with Internet access and 250,000 servers. All employees must have security clearances, and they communicate mainly using BlackBerry devices and email.
For this scenario I implemented Administrative controls to assign security clearances to the appropriate employees. Logical/technical controls as well as Software for the BlackBerry and computer use. I would also apply Physical controls to protect the servers for the company. Mandatory Access Control should be used also because it secures information by assigning security levels to information and security clearances to users. The data’s security level indicates its sensitivity. All users have access to only the data for which they have a clearance. Being a military contractor This allows for enforcement of a good security policy.

Other Papers Like Access Control Methods for Companies

Unit 1 Assignment 1

415 words - 2 pages . 4. Change The Account Name Change The Password (or Create A Password if the account does not currently have one) Remove The Password (if one is currently configured) Change The Account Type 5. Administrators can use access control to manage user access to shared resources for security purposes. In Active Directory, access control is administered at the object level by setting different levels of access, or permissions, to objects, such as

Digital Rights Management (Drm) Research Paper

1051 words - 5 pages existence since material required copyright, controlling access to material and distribution. Creators of the material find that DRM protects their rights to compensation of ideas, products, or services. This is more difficult when the Internet became popular; programs and applications have replaced older methods of copyright protection but this decreases user control. The restrictions have evolved with advancements in technology that allow

Evaluation of System of Internal Control-Lbj Company

1037 words - 5 pages operations. In order to identify and establish effective controls, management must continually assess the risk, monitor control implementation, and modify controls as needed. Top managers of publicly held companies must sign a statement of responsibility for internal controls and include this statement in their annual report to stockholders. As requested, our auditing firm has provided an


1740 words - 7 pages . Having control over data will allow you to share it with colleagues, friends etc. having control on others data is becoming easier by technology, because you can access data from anywhere, once you access it you may do whatever you want if you can. For this reason if someone does not want his writings to be under anyone control, he can save it as read only to make sure that even if someone access it he cannot control it by changing the concept or

Wireless Tech

1574 words - 7 pages risk; * Conclude on the adequacy of internal control over financial reporting. In a previously held meeting the following company practices were listed by your company’s representative. 1. One accountant serves as treasurer and controller in this dual role, he purchases all of the supplies and pays for these purchases. He also receives the checks and completes the monthly bank reconciliation. 2. All employees have access to the petty

Foreign Direct Investment

1056 words - 5 pages Foreign Direct Investment Joining Forces Foreign direct investment methods · Investment in a joint venture in a foreign market · Mergers and acquisitions · Greenfield investment Reasons for foreign direct · Some governments prohibit or limit imports of goods produced in other countries · Producing goods in the target market avoids import duties and other taxes and the requirements for import permits · Companies can obtain the

Unit 4 Assignment 1: Enhance an Existing It Security Policy Framework

698 words - 3 pages employee bears responsibility for the consequences should the access is misused. Please review the following policies for details of protecting information when accessing the corporate network via remote access methods, and acceptable use of Richman Investment's network:  Acceptable Encryption Policy  Wireless Communications Policy  Acceptable Use Policy For additional information regarding Richman Investment's remote access

Virtual Private Network

2502 words - 11 pages of a GATEWAY to the internal network and any number of remote clients ➢ The gateway is the machine to which the clients connect ➢ The gateway provides the server side encryption/decryption and user authentication Protocols Used in VPN PPTP Short for Point-to-Point Tunneling Protocol, a new technology for creating VPNs, developed jointly by Microsoft, U.S. Robotics and several remote access vendor companies, known collectively as


348 words - 2 pages Essay Week 2 Daniel Farella I.T.T. Technical Institute Author Note: This essay is being submitted on 5/9/2013 for Earl Robinson intorduction to security class. Essay week 2 * The remote access control policy consists of * Group membership  * Type of connection  * Time of day  * Authentication methods  * Advanced conditions:  * Access server identity  * Access client phone number or MAC address

Hr Outsourcing

1327 words - 6 pages Resources is a department that does not produce revenue for the company, therefore in the last few years big and mid-sized companies decided to outsource their HR department. After researching some of the articles and surfing the Internet, I have found very interesting articles about companies outsourcing. Human resources outsourcing is most common in organizations with 2,500 or more employees, where demand and resources allow human resources to

Internal Controls Of Acocunting

919 words - 4 pages the verification, and discrepancies and exceptions are reported to management so they may take the appropriate steps for correction (Weygandt, Kimmel, & Kieso, 2008). Companies should also conduct background checks of all employees and rotate their duties every few months. All of these efforts along with the principles of internal control work together to prevent misappropriation of funds by any one employee. The Sarbanes-Oxley Act of 2002

Related Essays

Disaster Recovery Plan Essay

590 words - 3 pages | Enhanced Security for Data Access | | Richard Edvalson 1/12/2014 | Contents I. Contents 1 II. Introduction 5 III. Access Control Layers 5 A. The Access Control Perimeter 5 B. Asset Containers 5 C. Workplace Perimeter 5 IV. Access Control Methods and Technical Strategies 5 A. Identification, Authentication, and Authorization 5 B. Logical Access Controls 5 1. Network Architecture Controls 5 2

Access Control Policy Essay

1684 words - 7 pages perform. Access control does exactly what it says, it controls what access an authorized user can have. A reference monitor is used for access control and follows instructions from an authorization database. These authorizations are controlled and administered by a security administrator who sets the access controls based on the companies’ security policies, which are defined by the organization. The decision of which access controls to use

Tjx Technology Essay

580 words - 3 pages . Problem facing: The TJX Companies, Incorporated has faced the worst security problem in the past years. The thieves focused on major retail chain and stole the customers’ credit card information. The thief can easily steal the information mainly because TJX’s security level was low. And having an unqualified security control, which means the methods and policies used to prevent unauthorized access and to ensure the safety of organization’s asset

Access Control Essay

1625 words - 7 pages control policy? 2) What are the access methods (such as LAN, wireless, or VPN) I want to protect? 3) How will this integrate with my existing infrastructure? Once you answer these questions, you can begin to gather test lab resources, such as servers (for policy definition points), laptops or desktops (for network access requestors), and switches, access points, and VPN servers (for policy enforcement points). Getting Started with Network Access