Table of Contents
Advertisement
Analyzing Your Security Needs
•
To provide users and applications with access to the information they need to
perform their jobs.
•
To protect sensitive data regarding employees or your business from general
access.
If your directory serves an extranet or supports e-commerce applications over the
Internet, in addition to the previous points, your concerns are:
•
To offer your customers a guarantee of privacy.
•
To guarantee information integrity.
This section contains the following information about analyzing your security
needs:
•
Determining Access Rights
•
Ensuring Data Privacy and Integrity
•
Conducting Regular Audits
•
Example Security Needs Analysis
Determining Access Rights
When you perform your data analysis, you decide what information your users,
groups, partners, customers, and applications need to access.
You can grant access rights in two ways:
•
Grant all categories of users as many rights as possible while still protecting
your sensitive data.
If you choose this open method, you must concentrate on determining what
data is sensitive or critical to your business.
•
Grant each category of users the minimum access they require to do their
jobs.
If you choose this restrictive method, you must spend some time
understanding the information needs of each category of user inside, and
possibly outside, of your organization.
No matter how you determine to grant access rights, you should create a simple
table that lists the categories of users in your organization and the access rights
you grant to each. You may also want to create a table that lists the sensitive data
held in the directory and, for each piece of data, the steps taken to protect it.
156
Red Hat Directory Server Deployment Guide • May 2005
Advertisement
Table of Contents
