Welcome to Week 4! Just 2 weeks left! This goes by fast!

Below is a great devotion from Billy Graham and then the list of what you need to do this week.

I sought the Lord, and he heard me, and delivered me from all my fears.
—Psalm 34:4

Man has always been beset by worry, and the pressures of modern life have aggravated the problem. To men of all time Jesus said, “Take therefore no thought for the morrow . . . but seek ye first the kingdom of God, and his righteousness; and all these things shall be added unto you” (Matthew 6:33-34). Many of you are filled with a thousand anxieties. Bring them to Jesus Christ by faith. He will bring peace to your soul and your mind.

Preparation:
 Read Chapters 8 and 9 in your E-book.
 Watch Chapter 8 and 9 videos
Discuss:
 Week Four Devotional
 Week Four Discussion Questions
Submit your initial post to discussion forums by Day Four of the
week, midnight (Eastern Time). See the discussion forum rubric in
your syllabus as to requirements for posting, including replies to
fellow students.
As to the devotional, the initial post is due by Day 7. Replies to fellow
students encouraged but not required.
Submit:
 Chapter 8 end of chapter exam
 Chapter 9 end of chapter exam

Please email me with any questions. God Bless each of you! ~Dr. Anthony

When it comes to securing company data, there are multiple approaches that can be taken depending on the situation. A secure coding principle known as least privilege is a good example. We want to limit access to data and applications to those who should have an actual need to access them. Encrypting our data is another good control to protect data. Making sure that our applications, OS and security software are all updated to the newest version can help secure data. Having policies in place to protect data is necessary and useful because we don’t want account information available for everyone. I don’t want my banking information to be easily accessible to the public, so the bank has to make sure that my password protected account is not accessible by anyone other than me. This same principle can be applied to Intel. Intel doesn’t want AMD or other companies to know what their latest projects are for the newest CPUs, so they protect their information so that hackers don’t steal their products.

-Jacob

Access controls play an imperative role in any company whether, that be physical or logical. Physical access controls, protect from intrusion. Types of physical access controls are Gates that secure building perimeters doors that may restrict access to restricted areas. Logical access controls focus on Passcodes that are used to access campuses or workplaces. For example companies may require employees to scan their ID to gain access to a building. In some scenarios where security may be Sensitive some companies incorporate biometric systems. These type of systems typically require two step authentications which leaves less opportunity for vulnerabilities. we see more two-step authentication used in logical access controls. This includes Iris scans, fingerprinting, and other individual identifying devices. Using these forms of access control protects a company from someone walking into a building and gaining access to confidential information. Two-step authentication policies, safeguard data by not only encrypting, but initiating events and alarms in some instances access controls are used more often than we think. In our personal lives we use access controls in the form of our cell phones, Ring cameras and Wi-Fi just to name a few. Without access controls all our personal data would be at risk for intrusion.

Access controls are essential for safeguarding company data by regulating who can access specific resources and what actions they can perform. They help restrict unauthorized access, maintain data integrity, enhance accountability, and support compliance with regulatory requirements. Different types of access control, such as Discretionary Access Control DAC, Mandatory Access Control MAC, Role-Based Access Control RBAC, and Attribute-Based Access Control ABAC, offer varying levels of flexibility and security. Implementing the principle of least privilege, conducting regular access reviews, using multi-factor authentication MFA, monitoring and auditing access logs, and encrypting sensitive data are key strategies to protect company data effectively. These measures collectively reduce the risk of data breaches and ensure that sensitive information remains secure and compliant with industry standards.

Access controls are essential for managing who can view or use specific resources within a company. They are policies and rules that determine who can access certain data, systems, or services, and what actions they can take. Access control policies are made up of several key components such as authentication, authorization, and accountability. Authentication involves verifying the identity of users, often through passwords, biometrics (fingerprints), or smart cards while authorization is the permissions a user can perform. Accountability refers to keeping track of who accesses what data and when to make it easier to figure out the source of the problem. Some of the ways that companies can safeguard their data include limiting exposure, preventing insider threats, and compliance. In conclusion, access control is crucial for protecting company data, ensuring that sensitive information is only available to the right people, and minimizing the risk of security breaches.