Sunday, 5 February 2012
Identity management and access control
Identity management and access control are integral in maintaining data security. Here you'll find information on passwords, authentication and Web access control.
Sub-Topics
Identity management and access control start with authentication, and integral part of the network security infrastructure. Good two-factor and multi-factor authentication policies and procedures are foundations of a strong security framework.
Password and user ID management can be a source of major frustration and expense for many IT departments.
Network access control allows only compliant and trusted endpoint devices, such as PCs, servers, and PDAs, onto the network, restricting the access of noncompliant devices, and thereby limiting the potential damage from emerging security threats and risks.
Remote access security is now built into many operating systems, because most organizations need to access corporate IT services from outside the office walls. The most common method for securing remote Internet connections is a VPN. VPN protocols are built into many OSs and can be implemented in their most basic forms at low cost.
Access control is the ability to permit or deny the use of a particular resource by a particular entity. Web access control is specifically applied to digital resources. For example, a private text document on a computer, which only certain users should be able to read.
List Topic Article
Highlights
That program helped the agency reduce the risk of security and compliance breaches by automatically eliminating system access when a user changed responsibilities or left the organization.
Secure Android devices are on the horizon, but they will cost you.
Privacy concerns prevent consumers' engagement with mobile Internet.
Facebook users accessing the service via mobile applications installed on the iPhone or any other smartphone may be in for a rude shock.
In a move aimed at boosting operational efficiency, the HKHS has completed the implementation of Oracle Identity Management to support the development of a new Information Security Framework.
