Prior to beginning work on this discussion forum, read Module 08: Security Technology: Access Controls, Firewalls, and VPNs in the Whitman and Mattord textbook. In addition, there are some recommended resources that may help with this discussion.
Your readings discuss several types of access controls. Your organization’s employment practices should address such things as hiring, worker’s performance and duties, and the procedures of employees leaving the organization.
It is important to recognize that hiring an employee signifies a substantial level of trust because they access necessary resources on your systems and network. Therefore, new employees represent one of the greatest risks to the overall security of your organization. Using proper employment practices helps mitigate this inherent threat and what data the employee can access.
In an initial post of at least 250 words, you will
- Discuss the different types of data classifications such as secret, top secret, and others.
- Describe the different types of personnel classifications such as role-based access control (RBAC), mandatory access control (MAC), and discretionary access control (DAC).