Directive Blogs
Tip of the Week: How to Improve Your Access Control
There is no denying that a business’ security--notably, its access control--is absolutely crucial to consider. Here, we’re offering a few tips to help you improve your business’ security through improvements to your access controls and their policies.
Most businesses rely on Microsoft Active Directory (AD) to handle permissions for users across the network. Active Directory lets you determine who has access to specific capabilities and resources on your network. Regardless of the solution that you use, it’s important to follow these thought processes when determining your access control.
Check Who Has Access
The first step to ensuring that your business and its data are safe is to ensure that access to your business and its data is appropriately limited. After all, John Q. Public almost certainly has no reason to walk into your offices at 2:30 AM. Similarly, a new hire shouldn’t have the same access permissions as an established manager does, either. Make sure you go through your network permissions and evaluate if any need adjusting.
Limit Permissions To The Minimum
A good rule of thumb to follow as you are evaluating your permissions is to give each user the fewest that they need to still be able to effectively complete their assigned responsibilities. Different departments need to access and edit different kinds of data for their specific tasks. For instance, if Department 1 only needs the data in Storage D in order to do their job, it doesn’t make sense to give that department access to Storage A through N. A good rule of thumb--only give those who need access to certain resources this requisite access.
Enforce Password Best Practices
Enforcing your users to use strong passwords, and forcing users to change passwords regularly will help prevent password sharing and duplicate passwords.
The username and password have long been the required forms of identification that most accounts demand from a user. Unfortunately, the combination of the human race’s inherent laziness and the tools and strategies that cybercriminals use to crack passwords has made it so that an additional authentication measure has effectively become a requirement for security. Requiring 2-factor authentication can help to eliminate the risks that are posed to your business.
For more assistance with your access control, or any other of your business technology considerations, give the team at Directive a call at 607.433.2200.