In: Operations Management
You will need to divide yourselves into one of three groups by choosing one of these functional areas. Sign into a Security Plan Group. Then you will create an entry where you will post its specific plan
THE THREE GROUPS: PICK ONE
- The protection of intellectual property (Remember Module 3)
- The implementation of access controls (Remember Module 2)
- Patch and change management (See this module)
Describes what processes you would put in place and write 2 - 3 paragraphs
Implementation of access control
Access control limits access and grants access on providing credential information ensuring the security of the facility. Access control implementation is applied in real-time in the following manner
Two-factor authentication – This is the most popular access control mechanism used worldwide in online financial transactions. A user enters the user credentials including the user name and password followed by a PIN or biometric authentication to get access to perform the online transaction. In this access control method, authorization, authentication and entity audit are the primary implementation aspects to gain access to an object by a subject. The human end-user is generally the subject attempting to gain access to an object or the software or mobile app. The access control system implementation requires a permission list (authorization, authentication and entity audit) to provide or grant access. This type of two-factor authentication comes under administrative access control involving a predefined set of permissions
Video surveillance cameras – This access control grants physical access to an individual entering an organization. Facial recognition, retina scanning and fingerprints are some technologies used in the implementation of this access control to grant physical access to secured facilities. This type of Video surveillance cameras access control comes under physical access control involving biometric-based authentication to grant access to secured facilities
Intrusion detection systems – This access control is generally used by antivirus software to detect the intrusion of virus, malware and spyware etc. These access control limits access to system files, data and computer networks through encryption mechanisms, protocols, applications forming the crucial aspects of the implementation of such access control. The main aim of this access control is to protect sensitive information from the intruders in the digital world through access control mechanisms through a combination of various access control types. This access control comes under logical or technical access control category