Dispela em appli tu wei ol infomasion blon yu em ol storim na / o replicatim lon wanpela lokal o remot serva o insait lon kloud.
Ol hevi
- Ol employee acessim, chargim, sharim o deletim ol sensitive file kain olsem peirol o pesonnal recods, o kompani confidental infomasion.
- Employee husait em acessim applicasion wei ol ino authorise lon usim.
- Fraud, stealim identiti, sabotag, extorsion, espionag.
Acess kontrol
Yu mas controlim husait mas gat acess lo on diperen file, folda na applicasion – blon ol wanwan man o meri o lon grup – taim usim Activ Directori sapose yu gat Windows Serva o usim ol wainkain metod lon ol arapela systim. Kain olsem, olgeta lain lon akount departmen igat acess igo lon purchas ledga, tasol husait igat adsional acess privilig gen lukim peirol detail. Ensurim olsem dispela ol samthing em ol observim:
- Olgeta taim mas reviewim husait igat acess ingo lon ol inomasion, na sanism ol privilig wei em necesari.
- Limitim namba na skop blon ol employee waintaimm ‘administrato’ rite.
- Putim was taim yu considerim lon wanem hap ol dispela acess rite yu gen allocatim igo. Kain olsem, lon ol bigpela organisasion em ol gen wokim lon basis blon role blon wanwan man na meri na ino lon wanpela man-igo lon narapela-man basis.
- Considerim lon grantim ol usar akount tasol olsem privilig wei em impotent igo wei em impotent lon wok blon dispela usar. Kain olsem, wanpela bakup usar ino nid lon installim sopware tasol em runim bakup na ol arapela wainkain bakup applicasion. Blockim ol kainkain arapela privilig kain olsem instalim ol newpela sopware (ol save kolim olsem ‘principle of least privilege’).
- Considerim applyim adisional kontrol lon ol usar husait igat spesal acess privilig, kain olsem closa monitorim.
Wanwan employee mas igat wanpela unique usar ID – login waintaim usarnem ma authenticasion waintaim paswod. Ol mas treatim ol dispela kain olsem ofis key o wanpela alam cod, na noken sharim o compromisim lon kainkain wei. - Lon ol bigpela organisasion, taim recod em setup lon newpela employee, ensurim olsem kainkain pipol setim up dispela employee recod, peirol arrangemen na IT acess (ol save kolim ‘segregation of duties’).
- Mekim sua olsem olgeta komputa requirim wanpela sekure login na olgeta em set lon log aut automatikali sapose em stap nating na nogat man usim lon sampela minut igo pinis.
Mas lukaut taim yu grantim acess rite igo lon ol employee taim ol joinim organisasion, o changim igokam lon wok side / igo lon senio posision. - Deletim ol usar privilig hariap tru taim ol lusim kompani.
Acess kontrol – em olsem authenicasion
- taim wanpela usar em identifim em yet (taim em enterim usarnem) wei em authorisim em lon acessim sampela file, folda o applicasion, na ol tu mas provim ol yet olsem ol honest lon wokim wok. Igat threepela basik metod lon provim identiti:
- Samthing ol holim wei ol kolim smatkad, key o electronik token – o unique random encrypsion key.
- Samthing ol save, olsem paswod, PIN o wanpela maiden mama nem.
- Samthing ol gat, olsem biometrik (fingaprint o eye) skan.
Usim ol dispela facto, kain olsem paswod, save providim ol gutpela level blon confidense lon identiti blon ol dispela man or meri.
Usim tupela o threepela authenticasion is gat moa sekure becos em save mekim ol lain lon wokim impersonasion hat olgeta.
Lon paswod, em impotent lon ensurim olsem ol dispela em yu obesrvim:
- Ensurim olsem ol employee usim ol strongpela paswod. Setim up wanpela systim lon acceptim tasol ol strongpela paswod na to lockim aut ol plenti atempt lon usim ol rong paswod.
- Educatim ol usar lon impotence blon paswod na ol risk blon sosol enginerim.
- Sanism ol default paswod.
- Enforcim lon sanism paswod olgeta taim, insait lon ol pre-detemin intavol.
- Taim yu disposim wanpela equipemen wei em nogat use blon em, mekim sua lon rausim olgeta paswod stap insait lon em na tu ol arapela confidental infomasion.