6.6.1. What is Data Access Management?
Data Access Management is a set of processes and technologies used to control access to application or data. It involves creation of groups or roles with defined access privileges and then controlling access by defining group memberships. These processes run on the information security principle of “least privilege” (or “least authority”), which states that each user must only be able to access the information or resources necessary for their job. Data access management enables the organization to maintain a secure environment that not only prevents unauthorized usage, but also averts data breaches that can break customer trust and cause financial penalties.
The resources on which you generally assign permissions include the following:
- Server files / images