Access Controls - Coursework Example

Develop a 2 page paper defining access controls.  As society progresses to 21st security, the concept of security becomes a critical element in a very advanced world. Commerce, transactions, and work is conducted through the internet and technology. Leaving contemporary ways also results in more vulnerabilities with new technologies. This paper will discuss the many facets of protecting these vulnerabilities against large-scale attacks and discuss many facets of access controls. One of the access control is physical access.

Physical access is pivotal because it is the first level of define. One great example is a mechanical lock that acts as a defense mechanism. As a matter of fact, intelligent readers are one of the most crucial elements that provide all the inputs to control physical security. With the advent of security, these card readers can make independent access decisions. With the innovation of IP, remote access can be even granted.Access controls have created a new generation of security in many ways for organizations.

Companies no longer have to rely on traditional methods of people or physical locks to achieve security. One of the many key elements of access controls is embedding authentication. AUP are set of standard and guidelines that are established by a user domain setting. AUP allows logical guidelines to ensure that audit practices are being conducted and risks are being controlled. AUP are extremely important component of framework of security policies because it dictates policies. AUP must be clear and concise in user domain.

One of the most prominent factors of AUP is to ensure that user domains are separated by segregation of duties. It is crucial to understand that utilizing AUP allows suspension of user domains from an administrator standpoint. Accounts can be suspended, given limited access, administration rights to install programs, etc. Moreover, AUP encompasses managing passwords, software licenses, noncompliance consequences, and escalations. NIST is also very proactive in promoting administrator rights and segregation of duties.

When administrator rights are breached or abused, PAA level agreements are crucial that are enabled to enhance accountability of user rights. It is clear that the PAA is a written, explicit agreement that a user must acknowledge to. The PAA allows the security team to generally have a contingency plan, audit in timely manner. The PAA is a typically a two page document between administration and organization. Security Assessment Policy is a governing legislation that outlines Information Security policies, employee orientation, security incidents and plans for new and existing users.

It allows users to understand and analyze the security awareness level and avoid any future mishaps that will disrupt business flows.Credentials is also a huge element that plays a vital role in access controls. Credentials allow personnel to be granted access in any given environment. Each user must provide correct credentials to ensure they are given to allow usage. . As a matter of fact, segregation of duties are also applied here. One of the most critical elements that mitigate this risk is segregation of duties.

Hence, segregation of duties is also associated with IT Internal control in which one user does not have all the power to direct these. Segregation of duties and credentials act as a supplement to differentiate users in any given environment. In a user domain, access control rights may act as buffers or give transfer rights. This when a user can have these rights can pass copies of rights to other uses. In the computing world, it often called hierarchy methods. ReferencesBest Practices for the Security APIs. (n.d.). (Windows).

Retrieved February 25, 2014, from http://msdn.microsoft.com/en-us/library/windows/desktop/ms717796(v=vs.85).aspxJohnson, R. (2011). Security policies and implementation issues. Sudbury, Mass.: Jones & Bartlett Learning.RQ News & Blog. (n.d.). ReliaQuest. Retrieved February 25, 2014, from http://www.reliaquest.com/three-steps-to-building-a-successful-security-awareness-program/Tipton, H. F., & Krause, M. (2005). Information security management handbook (5th ed.). London: Taylor & Francis e-Library.

Windows Azure Load Balancing: What To Know. (n.d.). InformationWeek. Retrieved February 24, 2014, from http://www.informationweek.com/software/enterprise-applications/windows-azure-load-balancing-what-to-know/d/d-id/899840Tipton, H. F., & Krause, M. (2005). Information security management handbook (5th ed.). London: Taylor & Francis e-Library.