Access Controls

Access Controls

Access controls limit entry to information system resources to authorized users, programs, processes, or other systems. Components of an access control system include, for example, physical access (e.g., locks on doors to a server room), authentication systems that verify the identity of a user or client machine attempting to log into a system, and file encryption that makes data unreadable to anyone who does not possess the cipher key or encryption algorithm.

Additional information is available in the PTAC publication Data Security and Management Training: Best Practice Considerations