Technical controls

- [Instructor] Have you turned on the news lately only to hear of the latest company that has experienced a breach? To prevent these types of incident, cybersecurity teams implement controls within their environment so they don't become the next company that you read about in the news. Let's take a deeper look into some of the controls that may be included within the policies, procedures, standards and guidelines. First up is access control, which can be described as who you give permission to allow within your environment. When you think of access control from a physical security perspective, you may think of employees with badges that permit certain people access to the building. And then once inside, the individual may even be prohibited access to certain areas within. This is the same for logical access control. Users are given rights to your network and applications and may be restricted to certain areas. One way to define such access is through an administrative account, which allows for elevated or privileged access. People that are assigned elevated access should only be done so on a need-to-have basis, which leads up to least privilege. Least privilege is when users are given only the minimum access needed in order to complete their required job functions. This is imperative to ensure that people don't end up accessing areas of the network or data that they shouldn't be able to access and doing something with that data or out of negligence or even maliciously. Just as you wouldn't want someone to physically access your data center, you also don't want someone to access your data on your network. So how do you determine what access you have to the network? First, you need to authenticate. Authentication is how you verify who a user is and what all they should have access to. As with physical security being tied to what access you have within a building, your logical access is usually tied to a username. Beyond the username, a user must also know the password as well as possibly even knowing how to get beyond any multi-factor authentication parameters that may be in place. A password is a set of letters, numbers, characters, or a phrase that only you should know that will allow you access to a system when paired with the associated username. Multi-factor authentication, or MFA, or even two-factor authentication is an extra layer of security beyond just a username and password. MFA can be verified based on something only you know, you have or you are. An example of something you know would be an answer to a security question, such as your favorite restaurant, or your mother's maiden name. Something you have would be something such as a security token or a badge. And something you are could be your fingerprint, retina or face. While there are other ways to utilize MFA, these three are the most common.