Disclaimer: The views and opinions expressed in this blog are those of the author(s) and may not reflect the official policy or position of Excelsior College. Excelsior makes no claim regarding the suitability of the content for all audiences.
To be a part of the nationwide initiative to increase cybersecurity awareness, the National Cybersecurity Institute has spent the entire month of October participating in National Cybersecurity Awareness Month. Each week they have challenged people with cybersecurity themed activities, conducted case studies and released podcasts that focused on crucial topics in the information security sector. One of the podcasts during Week 3 covered access control.
What is access control?
To be a part of the nationwide initiative to increase cybersecurity awareness, the National Cybersecurity Institute has spent the entire month of October participating in National Cybersecurity Awareness Month. One of the areas of educational focus for Week 3 was access control.
In the podcast, James Antonakos of the National Cybersecurity Institute defined access control as the ability to keep data and information out of the wrong hands by regulating who has access to networks and connections. Most of the time, companies will place security features and password protection on their systems to prevent unauthorized access. Often, multiple layers of access codes and firewalls are in place to keep digital intruders out.
“The exploitation of access codes has become one of the most popular methods of cyberattack.”
Why is it important?
Centrify reported that the exploitation of upper management access codes has become one of the most popular methods of cyberattack. Hackers may steal, or even bribe another employee, for the access codes to a company’s network or information system. The bad actor then has the potential to see protected data. He or she may even steal this information for financial gain. By having strong access controls in place, companies can reduce the risk of unwanted infiltration.
Whose responsibility is it?
While the main responsibility for access control security rests with the information security teams, it is really a group effort. Employees need to be trained by cybersecurity professionals on subjects like password protection, gatekeeping and social engineering. The more knowledge employees have regarding cybersecurity and potential cyberattacks, the better a company’s access control systems will work. No business should rely solely on defense software and password protection for access control.
Access control is crucial to an effective cybersecurity plan. Properly training staff and having a strong software in place can help businesses protect their networks, connections and data. You can learn more about this subject by listening to the National Cybersecurity Institute’s podcast or by reading the articles involving access control.