Description

Reply:

A:

Your organization’s access management policies must be in place to efficiently secure your records. Access management is a way of ensuring that consumers are who they want to be and have enough access to organization records. Access management is a security strategy that governs who or what has access to or uses services in a computer system. It is a basic security principle. Organizations use electronic access management devices to monitor employee access to restricted business locations and proprietary areas, such as data centers, in order to protect a building. These systems rely on user credentials, access card scanners, auditing, and records to track employee access to restricted business locations and proprietary areas, such as data centers. Any of these devices provide access control panels to block access to rooms and houses, as well as alarms and lockout capability to prevent unauthorized entry (Lutkevich, 2020).

According to Crowley, most organizations have mastered authentication, especially with the growing use of multifactor authentication and biometric-based authentication (such as facial or iris recognition). As high-profile data breaches have culminated in the sale of leaked password credentials on the dark web in recent years, security practitioners have recognized the importance of multi-factor authentication (Martin, 2019).

Crowley claims that authorization is still an environment where security experts “make more mistakes.” For instance, determining and constantly monitoring who has access to certain data services, if they should be able to access them, and under what terms they are given access can be difficult. Inconsistent or weak authorization protocols, on the other hand, will lead to security vulnerabilities that must be detected (Martin, 2019).

Many of the access management problems derive from the widely dispersed essence of modern IT. It is impossible to keep track of properties that are continuously changing when they are dispersed both geographically and logically (Lutkevich, 2020). Such basic examples are as follows:

Password fatigue 

compliance accountability through consistent reporting

centralizing user directories and avoiding application-specific silos;

data control and visibility through consistent reporting

————–.(Minimum 160 words) + 1 reference APA format

B:

Access Control

Access control refers to access restriction to virtual, physical, or scheme assets. Access control in computation is a technique that allows access to data, assets, or systems to particular users (Bertino, Ghinita, & Kamra, 2011). In this case, users must display documents in the access control system that allows access to be granted. Access control, therefore, ensures that only authorized users have access to the company data.

Business Challenges, Impact, and Mitigation Methods

Disaster Prevention

Business Challenges

Disasters caused by weather changes or natural causes are likely to occur, such as fire, flood, and earthquakes. The disasters can destroy normal business operations, employees may be injured, and some may be absent from their workstations.

Business Impact

The disaster will impact the business in terms of resources used to evacuate the affected people and properties. Time will also be lost before the business goes back to its normal activities. Data loss is another major business impact as a result of natural disasters.

Mitigation Methods

A business should have a proper business recovery plan to mitigate and prevent natural disasters’ effect on business operations (Snedaker, 2013). In this case, the business has a well-laid down evacuation procedure, including tools and evacuation techniques, and has qualified evacuation personnel.

Disaster Recovery

Business Challenges

After a major disaster, a business faces the challenges of recovery, such as the recovery of data and going back to normal operations.

Business Impact

When a business lacks a proper disaster recovery plan, it is most likely to suffer a major loss of company data.

Mitigation Methods

The best mitigation methods of data recovery include: having a backup for all the company data, choosing the proper backup category, planning for an effective backup strategy, documenting critical information, and testing and rehearsing a disaster recovery plan.

Customer Access to Data

Business Challenges

In case there are no security measures to regulate the amount of company information that customers can access, there can be a challenge of sensitive company information being accessed by customers.

Business Impact

The organization’s business image can be damaged when important organization information is made available in the customer portal.

Mitigation Methods

An organization should have a customer portal where only the organization’s customers can access and get the information needed. Additionally, an organization should have a customer’s general portal where everyone interested in the organization can have general information about the organization.

Maintain Competitive Advantage

Business Challenges

Modern technology is changing the outlook of business and how businesses are conducted across the world. In this case, many businesses face the challenge of selecting the best coping mechanism to maintain a competitive advantage.

Business Impact

When a business can’t maintain a competitive advantage in an industry, the business can lose customers, employees and risk being wiped out of the market.

Mitigation Methods

An organization can maintain a competitive advantage by using the following methods: cost leadership method, differentiation, defensive strategy, and strategic alliances (Bertino, Ghinita, & Kamra, 2011).

————–.(Minimum 160 words) + 1 reference APA format

Note:

Must be entirely focused on the specific content.

Add some generic points that could apply

Please check plagiarism, Grammarly

Reference Books:

1. Chapple, Mike, Ballad, Bill, Ballad, Tricia, and Banks, Erin K. Access Control, Authentication, and Public Key Infrastructure, Second Edition. Jones & Bartlett Learning, 2016, ISBN: 978-1-284-03159-1

2. Rhodes-Ousley, Mark. The Complete Reference to Information Security, Second Edition. McGraw-Hill, 2013.