Scribd
Upload
7 views

csi 425 dis 5

Access controls are essential for securing systems by regulating who can access data, ensuring privacy, and detecting insider threats. They utilize three primary models: Mandatory Access Control (MAC), Discretionary Access Control (DAC), and Role-Based Access Control (RBAC). Maintaining these controls is crucial to prevent unauthorized access, mitigate risks from compromised accounts, and foster a culture of security within organizations.

Uploaded by

zacaharysteagall16
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
7 views

csi 425 dis 5

Access controls are essential for securing systems by regulating who can access data, ensuring privacy, and detecting insider threats. They utilize three primary models: Mandatory Access Control (MAC), Discretionary Access Control (DAC), and Role-Based Access Control (RBAC). Maintaining these controls is crucial to prevent unauthorized access, mitigate risks from compromised accounts, and foster a culture of security within organizations.

Uploaded by

zacaharysteagall16
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Access Controls and Why They Matter Intro

1. My name, CV, and why this brief is needed.

2. Access controls are a critical element in the security of systems. They are the control that allows an
individual to access data or specific systems

3. They ensure the principle of “need to know” regarding data

4. Uses 3 primary methods to ensure this privacy (MAC, DAC, RBAC)

Why do we need access controls Models

1. Ensure Privacy by reducing who can access certain items

2. Assist Insider threat detection by seeing who desires access to specific data

3. Mitigate harm from corrupted accounts- by not allowing them to have too much access

4. Ease access control efforts to an easy-to-understand methodology with the ability to look up who
manages the architecture

Common Access Controls models

1. MAC- Mandatory access control(Everyone is cleared to certain level I.E. military government)(Brown,
2024)

2. DAC- Discretionary access control(Every object and every item has access list)

3. RBAC- Role-based access control(Roles are assigned to each person that allows them access to specific
data in an architecture. User may have multiple roles)(Wright & Lutkevich, 2024)

Why they must be maintained and not disabled/Threat Actors

1. The access control methods must be maintained to ensure compliance with security measures

2. The process to request additional access must be straightforward and easy to order or users will
circumvent the process (Brown, 2024)

3. There must be occasional audits of roles and resources assigned to ensure no one account has too
much access to sensitive data

4. threat actors may compromise specific credentials and this must be included in the calculus of who
has what roles

5. turning off the security measures may allow compromised accounts to access additional information

Conclusion

1. Access controls are an indispensable component of any security framework, serving the interests of
the users and company to ensure privacy is maintained primarily for Work for home users.

2. The risk will be mitigated by regulating access control and ensuring compliance with the models.
3. adequate access controls foster a culture of security within an organization, where every member
understands their role in safeguarding data and systems against unauthorized access.

References

Brown, S. (2024, May 2). 3 types of access control: IT security models explained. StrongDM.
https://www.strongdm.com/blog/types-of-access-control

Microsoft. (2025). What is access control?: Microsoft security. What Is Access Control? | Microsoft
Security. https://www.microsoft.com/en-us/security/business/security-101/what-is-access-control

Wright, G., & Lutkevich, B. (2024, September 27). What is access control?: TechTarget. Search Security.
https://www.techtarget.com/searchsecurity/definition/access-control

You might also like