Prevention - Coggle Diagram
Prevention
User Authorisation: the access rights, and revocation of access, associated with the user ID/profile being authenticated (2)(4)
Role-based access:
Grouping of mandatory access rights deemed necessary to get the job done for the specific role (4)
Separation of duty:
Breakdown of an action into separate pieces that require different subjects to perform them. (4)(3)
IT operations
Set up a user IT operations monitoring system: nature, digital targets, frequency, distribution over time
User Authentication: Authorization is the system determining if user credentials are sufficient to provide you with a requested type of access. (2)(4)
Auditing & Monitoring Policy: outlines the responsibilities and expectations of the insider threat security program, including continuous and oversight monitoring of timely and valid audit data (audit logs) (2)(4)
Data Loss Prevention Policy: a policy that may restrict the use of removable media or data network services (email, web), which can prevent misuse and potential insider threat (3)(4)
Insider Vetting: assessing the integrity of the insider before granting them access to the system, e.g. criminal background check, personality test and psychological assessment (1)
Encourage whistleblowing: provide employees with a clear procedure for reporting observed wrongdoing, and protect these employees against any retaliation. (3)