6.3 ACCESS CONTROL AND MANAGEMENT
The actual storage media for data is of relatively little consequence to the preservation considerations we address in this chapter.
As long as the media is reliable, physically robust, and accessible, it does not really make a lot of difference if your data are stored on magnetic backup tapes, optical storage such as CDs or DVDs, solid-state drives such as USB devices, hard disks on a server, in a virtual server environment, or even on the Internet in some type of online infrastructure service (aka, the cloud).
When you consider the security and integrity of data, what really matters are the controls around who can access the data and how those controls are managed.
In this section we look at various methods you should consider for managing access to your data. These can include:
• Authentication
• Encryption
• Identity management
• Logical compartmentalization
• Physical separation and access control
We begin with authentication mechanisms as these are the most recognizable and common ways to control access to data (Figure 6.2). In nearly every organization, in order to gain access to your network you use an authentication mechanism. In the world of IT we speak of factors of authentication. These include:
• Something you know—your user name or ID and a password, PIN, or a pass phrase that only you know
• Something you have—a smart card, token, or other identification device
• Something you are—biometrics such as your thumbprint, iris scan, facial characteristics, or even the speed and pressure with which you type on a keyboard