Chapter 5. Controlling Access to Data
Controlling access to data is the reason for information security. Let's not forget that. The reason for protecting servers or the network is to protect the data that resides on them. The best approach to controlling access to data is to use defense in depth. This can be accomplished by using perimeter controls such as firewalls, by monitoring the internal network using intrusion detection, by insisting on the use of VPNs and other types of encrypted data transport, and by properly managing authentication and the rest of the principles and practices that are explained elsewhere in this book. Ultimately, however, when all is done, if these other systems fail, it's the controls that are closest to the data ...
Get Windows Server 2003 Security: A Technical Reference now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
