Access control is the granting or denying approval to use a specific resource. Physical access control consists of mantraps, walls, and door locks that limit physical access to resources, whereas technical access is concerned with allowing or limiting access to data resources. The National Institute of Standards and Technology (NIST) tells us that access control is concerned with determining the allowed activities of legitimate users, mediating every attempt by a user to access a resource in the system.
Compromised privileged credentials, both human and machine, account for the majority of successful cybersecurity attacks. Enterprise credential management and privileged access management are the cornerstones of a company’s cybersecurity defensive posture.
Research and write a 250- to 500-word analysis addressing the following:
- Explain what enterprise credential management and privileged access management are, and provide at least one example of each.
- Discuss why they are important to a company’s cybersecurity defense posture and describe how the two are connected.
- Develop a specific plan for the implementation of access controls in your company.