Implementation Guide › Preparing Your Endpoint Implementation › Implementation Tips › Types of Security
Types of Security
You can handle security at your site by using one of the following approaches:
- Whatever is not explicitly allowed is forbidden. This is the ideal approach, but it is impossible to use during implementation. Since no rules exist that allow anything to be done on the system, the system blocks all attempts to define access rules. It is like locking yourself out of your car with the keys still in the ignition.
- Whatever is not specifically forbidden is allowed. This approach may be less secure, but it is a practical way to implement a security system.
CA ControlMinder lets you start with the second approach and, once access rules have been defined, switch to the first approach. Default access (defaccess) and universal access (_default) rules let you define approach and switch protection policy at any time.
Important! You may need to add all users to the _restricted group when switching a protection policy. Performance may be significantly effected when switching between protection policies.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|