CHAPTER |
Access Control in the Enterprise |
ACCESS CONTROL AND AUTHENTICATION within an enterprise is a large-scale problem with multiple solutions. Each enterprise has its own way of handling it, depending on the risk associated with the information and activities on the network. The higher the risk of an attacker entering an organization and seeing or removing information, the more constraints the enterprise will put on users. An organization that maintains a large amount of credit card information or personally identifiable information (PII) on its customers will sustain a higher impact if that information is removed or accessed illicitly. Corporations are now required to let a third party know when certain information has been compromised within their systems. The reaction to this breach in information may stop people or other enterprises from doing business with them.
This chapter covers the following topics and concepts:
When you complete this chapter, you will be able to: