Access control best practices take into consideration the following security principles:

Principle of least privilege: The principle of least privilege states that users or groups are given only the access they need to do their job (and nothing more). Common methods of controlling access include:
  • With implicit deny, users or groups which are not specifically given access to a resource are denied access. Implicit deny is the weakest form of privilege control.
  • Explicit allow specifically identifies users or groups who have access. Explicit allow is a moderate form of access control in which privilege has been granted to a subject.
  • Explicit deny identifies users or groups who are not allowed access. Explicit deny is the strongest form of access control and overrules all other privileges granted.
When assigning privileges, be aware that it is often easier to give a user more access when they need it than to take away privileges that have already been granted.

Need to know: Need to know describes the restriction of data that is highly sensitive and is usually referenced in government and military contexts. Important facts to know about need to know include:
  • Even if an individual is fully cleared, information is still not divulged to persons who simply don't need to know the information to perform their official duties.
  • Need to know discourages casual browsing of sensitive materials.
  • In a classified environment, a clearance into a Top Secret compartment only allows access to certain information within that compartment. This is a form of MAC.

Separation of duties: Separation of duties is the concept of requiring more than one person to complete a task. This helps prevent insider attacks because no one person has end-to-end control and no one person is irreplaceable. Important facts to know about separation of duties include:
  • System users should have the lowest level of rights and privileges necessary to perform their work and should only have them for the shortest length of time possible.
  • To achieve a separation of duties, a business can use the principle of split knowledge. This means that no single person has total control of a system's security mechanisms, so no single person can completely compromise the system.
  • In cases of sensitive or high-risk transactions, a business can use two-man controls. This means that two operators must review and approve each other's work.

Job rotation: Job rotation is a technique where users are cross-trained in multiple job positions, and where responsibilities are regularly rotated between personnel. Job rotation:
  • Cross-trains staff in different functional areas in order to detect fraud.
  • Exchanges positions of two or more employees to allow for an oversight of past transactions.
  • Can be used for training purposes.

Defense-in-depth: Defense-in-depth is an access control method which implements multiple access control methods instead of relying on a single method. Multiple defenses make it harder to bypass the security measures.

Creeping privileges occur when a user's job position changes and they are granted a new set of access privileges, but their previous access privileges are not removed or modified. As a result, the user accumulates privileges over time that are not necessary for their current work tasks. The principle of least privilege and separation of duties are countermeasures against creeping privileges.
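The deny precedence listed under least privilege and the creeping-privileges problem above can be seen together in a small access check. This is an added example, not code from the original page; the `Entry` type, the `decide` and `excess_groups` functions, and all user, group and resource names are hypothetical and the data is constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Entry:
    principal: str  # user or group name
    resource: str
    effect: str     # "allow" or "deny"

# Constructed sample ACL (hypothetical names).
ACL = [
    Entry("finance", "payroll-db", "allow"),
    Entry("engineering", "source-repo", "allow"),
    Entry("contractors", "source-repo", "deny"),
]

def decide(user, groups, resource, acl):
    """Return (granted, reason); explicit deny overrules any allow."""
    principals = {user, *groups}
    matching = [e for e in acl
                if e.resource == resource and e.principal in principals]
    for e in matching:
        if e.effect == "deny":
            return False, f"explicit deny for {e.principal}"
    for e in matching:
        if e.effect == "allow":
            return True, f"explicit allow for {e.principal}"
    # No entry names this subject: access is denied by default.
    return False, "implicit deny"

def excess_groups(current_groups, role_baseline):
    """Groups held beyond what the current job role requires (privilege creep)."""
    return sorted(set(current_groups) - set(role_baseline))

if __name__ == "__main__":
    # Constructed case: dana moved from finance to engineering, old group kept.
    held, baseline = ["finance", "engineering"], ["engineering"]
    print(decide("dana", held, "payroll-db", ACL))
    stale = excess_groups(held, baseline)
    print("stale groups:", stale)
    trimmed = [g for g in held if g not in stale]
    print(decide("dana", trimmed, "payroll-db", ACL))
    print(decide("sam", ["engineering", "contractors"], "source-repo", ACL))
```

Running the audit on every role change, and removing whatever `excess_groups` reports, returns the user to the implicit-deny default for resources tied to their old position.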