[Aaron Elliott]

Access control characteristics prevent unauthorized users access to business facilities and assets. Access controls include software measures, along with administration and physical measures. software access controls relate to passwords, two factor authentication, and user monitoring when access is granted. The administration access control includes security policies to regulate associate behavior with company networks and training. The physical access control would include keeping assets behind locked doors, usually with a security guard for a mantrap or under camera surveillance. Fences around the property, among other attributes to prevent physical robbery of assets.

Threats to access controls would be for the software side phishing emails to steal credentials of associates who do not have two factor authentication set up. Administrative threats would be no policy enforcement, so associates are not held to secure their access credentials properly. Physical threats could include natural and human sources, such as fires or floods destroying assets. While man threats could be piggybacking associates into the facility.