Scribd
Upload
45 views12 pages

IT Sir Arienza Access-Security

The document discusses various methods for securing user access to computer systems, including permissions, authorization, authentication, data encryption, firewalls, virtual private networks, intranets, user accounts, sharing permissions, and password methodologies.

Uploaded by

Klyde Santos
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
45 views12 pages

IT Sir Arienza Access-Security

The document discusses various methods for securing user access to computer systems, including permissions, authorization, authentication, data encryption, firewalls, virtual private networks, intranets, user accounts, sharing permissions, and password methodologies.

Uploaded by

Klyde Santos
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 12

Security

What is User Access?

• User access security refers to the collective procedures


by which authorized users access a computer system
and unauthorized users are kept from doing so
Permission, Authorization and
Authentication

• Permission– refers to the access given to a particular


user in accordance to what they can access on the
software

• Authorization – refers to the access given to a particular


user in accordance to their tasks or organizational roles.

• Authentication – refers to be method of confirming the


identify of the user accessing the system
Rule for granting access:

• User access security demands that all persons (or


systems) who engage network resources be required to
identify themselves and prove that they are, in fact, who
they claim to be. Users are subsequently limited to
access to those files that they absolutely need to meet
their job requirements, and no more. To accomplish this,
decision-makers must establish policies regulating user
account systems, user authentication practices, log-in
procedures, physical security requirements, and remote
access mechanisms.
Common Methods of Securing
System:

• Data Encryption – Hard drives, database or messages


are converted into a encrypted format before writing
them or reading from the storage device. (Vice Versa)

Encrypt

Storage
Client Convert Encrypt
Device
Firewall

• A firewall is a system designed to prevent unauthorized


access to or from a private network. You can implement
a firewall in either hardware or software form, or a
combination of both. Firewalls prevent unauthorized
internet users from accessing private networks
connected to the internet, especially intranets.
Virtual Private Network (VPN)

• VPN not only secure their company systems but as well


as their employees connection. This is used to hide their
network activities – traces of IP, identities and
vulnerabilities.
Intranet

• Administrator’s secure their system by ensuring it is only


accessible on their intranet.

• An intranet is a private network contained within an


enterprise that is used to securely share company
information and computing resources among employees.
An intranet can also be used to facilitate working in
groups and teleconferences.
Access and Accounts

• Users are given their own accounts within the orgnization


that they can use to access the system.

• Types of user accounts

• System accounts. ...

• Super user account. ...

• Regular user account. ...

• Guest user account. ...


Sharing and Permission Policy

• There are three types of share


permissions: Full Control,
Change, and Read. Full
Control: Enables users to
“read,” “change,” as well as
edit permissions and take
ownership of files. Change:
Change means that user can
read/execute/write/delete
folders/files within share.
Authentication

• A password, sometimes called a passcode, is a


memorized secret, typically a string of characters,
usually used to confirm a user's identity and the one that
is most commonly used in Authentication.

• Other authentication can be security questions or in


advance technology can be thru access cards with RFID
embedding and the used of biometrics.
Password Methodologies:

• To make passwords secured many system developer


required the use of numbers, letters and special
characters combination to avoid hacking attacks. (There
are automated software can be use to populate and
guess your passwords – Keylogger)

• They also know implement the use of Image Captchas


and OTPs to enforce stronger authentication.

You might also like