quarta-feira, 22 de fevereiro de 2012

Access Control.


I never imagined how big of a problem when a corporation has no control over the access control. I leave aside the physical control for another opportunity. At this time I will talk a little about Access Control.We live in a globalized world where converge within the IT Access Control to see that if there is investment in controls, fraud and other threats actually happen.Evaluating closely, few companies are in full growth they realize the need and true value to the control accounts and passwords of its employees, in addition to other controls, such as web usage, firewalls, file servers, applications and many others. .. It is a fact that companies in UP should prepare for a dark future if you do not have their appropriate controls, even if they are manual. The major market players are there, prepared to a high price for La to meet this demand for SSO (Single Sign On) and IDM (Identity Manager), manager identities. In fact, few companies to invest in automation due to its high investment. When then we have a small but growing the most striking fact is a function of cost versus benefit. This is why the Small Midsize companies, still opt for their manual control and minimizing the risks often with a good tone.A well defined policy guidelines to joining processes and bound, but can help to small businesses currently make use of its manual controls specific to the ACCESS CONTROL. It is true that one day at a time when the company took shape and became a big corporation does not have doubts that automation will be needed because the number of applications grows with the company.Specific projects related to Information Security Access Control to split today is a troubled sea of ​​growing businesses. Owners of their vision should be no doubt while criticizing not only healthy for themselves and for the healing of threats. Not that we can eliminate threats, but minimize them to a risk at least not so onerous.The vision 5W1H is old but will live for many years questioning the assets of a corporation. Measures and countermeasures should be evaluated.Unprecedented access to back office systems through the Web have reduced costs but hidden threats if no control privileges. We must enforce access policies to users, proxies and Web Services that perform operations on behalf of users who really are true.When the environment becomes large and distributed is a sign that the corporation is leaving the small and medium enterprises to become something huge and observance of appropriate controls is required. Escape from the automation is a matter of time. It is necessary to evaluate policies inhibition of threats based on risk. It's like Projects, no monitoring and control, your project danced .....

domingo, 12 de fevereiro de 2012

SKIMLINKS