[Isabelle Tubbs]

Access controls are put in place to only allow individuals who have been granted permission to actually use the system. This involves making sure that the person is who they say they are, which could be done with passwords and/or IDs. Once someone is verified and gets access, there must also be controls to determine what that person can access. It is always good to only give users the permissions for things that they actually need to use. Additionally, when a user is granted access, it can be helpful to keep a record of this for future reference.
Implementing these access controls aid in keeping sensitive data secure. Data that needs to be kept secure in this way could have information that is important to the company or even users’ private data, such as banking or health information. Companies need to establish trust with their users by providing a safe system for them to use.