|
|
Rights of admission and of access to hardware and software are applied as organisational measures to ensure secure and proper use of IT systems and processes. If such rights are granted to the wrong person, or if a right is abused, the result may be a variety of hazards which can impair the confidentiality and integrity of data or the availability of computer performance.
Example:
During the absence of the archive keeper, a work scheduler who is not authorised to have access to the data medium archives takes some magnetic tapes for the purpose of making backup copies. Due to such uncontrolled removal of media, the inventory list of the data medium archives is not updated, and the tapes cannot be located during this period.
| © Copyright
by Bundesamt für Sicherheit in der Informationstechnik |