Sunday, November 10, 2013

Separation of Duties: A necessity in the IT realm

When working with any technology, there is always information that needs to be safeguarded or only accessed by individuals that need to know certain information to perform their job function. This process of limiting information access is known as separation of duties in the workplace. Separation duties is used to make it difficult for an individual to violate information security and breach the confidentiality, integrity, or availability of information.

This separation also allows organizations to limit the potential for an insider threat occurring. It does this by limiting what information can be removed or accessed from various sources. For example, if accessing confidential information the organization may only allow those with a clearance of confidential and limit what devices are allowed in the room. They may also require a two-person control, in which one is required to have another authorized person in the room to access certain information. All of these are steps to protect and safeguard information in the IT realm.

Safeguarding information is essential to the organization in order for the organization to remain secure and fully functional. Without these procedures anyone could go into and access and take information that may potentially damage the overall organization.

To learn more , read the following:

FBI Guidance for Combating the Insider Threat. Retrieved from http://www.infosecisland.com/blogview/21321-FBI-Guidance-of-Combating-the-Insider-Threat.html

Separation of Duties for System Adminstrators. Retrieved from http://www.infosecisland.com/blogview/18905-Separation-of-Duties-for-System-Administrators.html

No comments:

Post a Comment