Access to Online Information
Multiple levels of hardware and software technologies, including setup of these technologies by people, are required for trustworthy access to online information.
Audit complexity of this system is compounded by the myriad of technologies involved, with potentially thousands of users accessing hundreds of applications, all requiring security implemented at different levels. Moreover, security must be transparent so as to not impact the user's experience accessing data online.
A user accessing online information passes through at least five levels, with each level holding the potential to enable inappropriate data access:
- Network
- Desktops and servers
- Active Directory authentication and authorization
- Multiple identity and security systems
- Applications, many with embedded security
