Access Controls Services

Access controls authorize access to systems. They validate the digital identity of the person accessing a system, and they let systems validate connections from other systems.

There are three types (factors) of authenticating information:

  • Something the user knows, e.g. a password, pass-phrase or PIN
  • Something the user has, such as a smart card or a key fob
  • Something the user is, such as a fingerprint, verified by biometric measurement

Passwords are a common means of verifying a user's identity before access is given to information systems. In addition, a fourth factor of authentication is now recognized: someone you know, whereby another person who knows you can provide a human element of authentication in situations where systems have been set up to allow for such scenarios. For example, a user may have their password, but have forgotten their smart card. In such a scenario, if the user is known to designated cohorts, the cohorts may provide their smart card and password, in combination with the extant factor of the user in question, and thus provide two factors for the user with the missing credential, giving three factors overall to allow access.

For example, Adobe reported that its systems had been penetrated by attackers who had stolen the online credentials for millions of its users. In total, information about more than 150 million accounts was stolen, but many of those accounts were disused, abandoned or duplicates.

Top of the list of disclosed passwords, with 1.9 million entries, was the string "123456". Second was the slightly longer sequence "123456789".

Other popular easy-to-guess passwords included "adobe123", "qwerty" and "password".

The following are the top 20 passwords that were disclosed:

  • 123456
  • 123456789
  • password
  • adobe123
  • 12345678
  • qwerty
  • 1234567
  • 111111
  • photoshop
  • 123123
  • 1234567890
  • 000000
  • abc123
  • 1234
  • adobe1
  • macromedia
  • azerty
  • iloveyou
  • aaaaaa
  • 654321
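
An added example (not part of the original page, and not Adobe's or ESC's code): a Python password screen that rejects a new password if it appears on the disclosed list above, is derived from the service's own name (as "adobe123", "photoshop" and "macromedia" are), or is a plain sequence. MIN_LENGTH, CONTEXT_TERMS and the function names are assumptions chosen for illustration.

```python
import re

# The 20 disclosed passwords listed above.
DISCLOSED_TOP20 = {
    "123456", "123456789", "password", "adobe123", "12345678", "qwerty",
    "1234567", "111111", "photoshop", "123123", "1234567890", "000000",
    "abc123", "1234", "adobe1", "macromedia", "azerty", "iloveyou",
    "aaaaaa", "654321",
}

# Assumption: terms tied to the service itself. A deployment would list its
# own company and product names here.
CONTEXT_TERMS = {"adobe", "photoshop", "macromedia"}

MIN_LENGTH = 8  # assumed policy value, not taken from the page


def _is_sequence(s):
    """True for one repeated character or a run of +1/-1 steps (123456, 654321)."""
    if len(s) < 4:
        return False
    steps = {ord(b) - ord(a) for a, b in zip(s, s[1:])}
    return steps in ({0}, {1}, {-1})


def screen_password(candidate, context_terms=CONTEXT_TERMS):
    """Return the reasons to reject candidate; an empty list means accept."""
    reasons = []
    lowered = candidate.lower()
    # Strip trailing digits/punctuation so "Password1!" is judged by its stem.
    stem = re.sub(r"[\d\W_]+$", "", lowered)
    if len(candidate) < MIN_LENGTH:
        reasons.append("too short")
    if lowered in DISCLOSED_TOP20 or stem in DISCLOSED_TOP20:
        reasons.append("on disclosed list")
    if any(term in lowered for term in context_terms):
        reasons.append("contains service name")
    if _is_sequence(lowered):
        reasons.append("sequence or repeated character")
    return reasons
```

The check runs at password-set time, so a rejected password never reaches storage; the reasons can be shown to the user so they understand why to choose a different one.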

One study of passwords found that 49% of people use the same password for all accounts. This is cause for concern because websites vary in security: if one website with weak security is compromised, then all of that user's accounts are compromised. If the email account is compromised, the actor can reset the passwords of other accounts, as the most common method of password reset today is via email.

For websites that use social or personal information to reset a password, 37% of the data used for the personal information hints could be found online.

Service Benefits

At ESC Cyber Security we help organizations implement the appropriate Access Controls so that they balance security, digital identities, good usability and user experience. Since access controls normally involve interaction with an end user, this balance is important to ensure that the human interaction does not introduce a weakness into the system. For example, implementing strong, complex passwords and forcing them to be changed too frequently will cause the end user to write them down or store them somewhere, weakening the security posture as a result. It is also common for an end user to use the same password across multiple accounts and systems, both internal and external, so if one password is compromised then all accounts are compromised. At ESC Cyber Security we help organizations find the right balance: single sign-on mechanisms, one-time passwords for sensitive systems and data, and the password policy that is right for you.

Service Deliverables

A detailed report of the weaknesses in the organization's existing access controls, with recommendations on where improvements can be made to ensure the right type of access controls are being used, covering methods for end user self-service, multi-factor authentication and access controls.

  1. A detailed report on Access Controls
  2. Recommendations on Access Control improvements

Pricing Model

One-time fee and subscription models

Send an inquiry or ask for more information: ESCGS@ESCGS.COM