Itt 307 - Developing Access Control Model In An Enterprise Based On The Principles Of Least Privilege - Gcu

This study source was downloaded by 100000859819779 from CourseHero.com on 02-16-2023 14:45:00 GMT -06:00https://www.coursehero.com/file/59862037/Access-Conrol-Plandocx/ Running head: ACCESS CONTROL PLAN Developing Access Control Model in an Enterprise based on the Principles of Least PrivilegeJhansen A. TomasGrand Canyon University: ITT 30717 November 2019 1This study source was downloaded by 100000859819779 from CourseHero.com on 02-16-2023 14:45:00 GMT -06:00https://www.coursehero.com/file/59862037/Access-Conrol-Plandocx/ACCESS CONTROL PLAN Developing Access Control Model in an Enterprise based on the Principles of Least PrivilegeAccess controls provides the ability to allow or deny access to critical information and devices on a network. Access controls can be physical, or logical. According to Gegick and Barnum from the U.S. Department of Homeland Security (2005), Every program and every userof the system should operate using the least set of privileges necessary to complete the job It reduces the number of potential interactions, unwanted, or improper uses of privilege are less likely to occur. The use of least privileges to maintain access control is crucial in mitigating risks of potential network attacks. Elements of Access Control and Best Practices Each company is going to use a different access control model according to the needs of the organization. There are four types of access control. Those are: Discretionary Access