IT Security Principles
What role do IT Security Principles have with your systems? Are your principles enforced with your employees, (WFH) work for hire, or your contractors?
Principles are a core requirement of information security that is ongoing, but even when you enforce them there are still those who seek to not be accountable for what they do.
When talking about IT Security Principles and Accountability it does not only apply to the small business owners, but companies of all sizes must make those inside the business take ownership and responsibility for their action while using your system.
Failure to do so can leave your business at risk and could lead to a breach of confidentiality, productivity loss, and bad customer service.
Accountability Enforce Principles
Accountability is a critical part of your information security because it ensures every action can be traced back to the person who performed the action.
There are two fundamental requirements of accountability: The first is identification, and the second is authentication.
Identification
Each user working on your system should have a unique identifier where they claim who they are. Some businesses use an email address, while others may allow a user to create their own based on guidelines. There should be no generic or shared accounts.
Authentication
Establishing who you are in the process of authentication that occurs when a user enters in their credentials, usually a password on a pin number.
Once the system establishes who you are, you go through an authorization process where it says you are in the system but you are only given access to those things needed to perform your job duty.
Some have the two confused: authentication and authorization.
A Time to Say Hello and a Time to Say Goodbye
I guess we gotta go for now. Thanks for joining Down to Earth Talk About Web Solutions. I hoped you enjoyed the talk as much as I enjoyed researching and discussing it. Peace out and happy Web Design and Development.
