Measures to reduce security threats - general controls
Access

For on-line real time systems - call back for modem communications., passwords, access logs, authorisation tables, voice recognition (eg. via telephonist).

Limiting access

Sound computer operations are based on close supervision, careful planning and ongoing control procedures.

Limiting access by userid/password

• A legitimate user enters their code name and only gains access if they enter the associated password with that code name.
• It is important to keep your password confidential.
• People have been known to Sellotape their passwords to computers allowing others access.
• An enterprising computer criminal walked into a major organisation and shouted "What's the password for today?". Someone replied and he gained access to the system.
• may be at;
  • System level
    • Restrictions to a particular computer
    • LAN domain (ie. other networks)
  • Menu level
    • Payroll maintenance menu only available to pay clerk
  • Program level
    • Creditors cheque payments require restricted access
  • Data level (file, record or field)
    • Privacy issues may require an individual to have read access to personal data.

Limiting access by person, terminal or location

• Security may be set up based on;
  • The function of the person
    (eg. Payroll clerk may add employees)
    • Systems Administrator
    • Data Administrator
    • Operator
    • User
  • Or by person
    • Enables access to certain parts of the organisations system, eg. Electronic Office, Wordprocessing, etc.
    • A Hierarchy of permission's is often set up
    • A file server can be set up to limit user's access to parts of the file server.
    • A tutor has access to students' drives and directories, their own directory and a common drive
    • A student only has access to their own drive (H:) and a common drive (J:)
  • Or by terminal or location
    • Eg. device 101 only may be able to run a receipt program (accept cash), if the cash draw attached)
    • Eg: Workstation 0 only for entering user security)
      the system checks that the transaction has been generated by a specific terminal (eg. Financial transactions get user id and terminal attached).
    • Access via Firewall

[Rev: 14/06/99] 3/9/97 © 1996-99 V/2-Com (Verhaart), P O Box 8415, Havelock North, New Zealand.