Skip to main content
Glossary

Access Control

The policies, processes, and technologies that determine who can access which resources under what conditions. Access control ensures that only authorized individuals reach sensitive systems and data.

Why it matters

Most breaches involve unauthorized access, whether through stolen credentials, excessive permissions, or forgotten accounts. Access control is the single most impactful category of security controls. Every framework mandates it. The principle of least privilege, granting only the minimum access needed, is simple to state but hard to maintain as organizations grow. Without active management, permissions accumulate and orphaned accounts persist.

In practice

Access control spans identity management, authentication (proving who you are), authorization (what you are allowed to do), and regular access reviews. It applies to applications, infrastructure, physical facilities, and data. In vucavoid, access-related controls are tracked with assigned owners and periodic effectiveness testing. Reviews surface when access rights drift from policy, and findings feed into your VUCA score.

Related terms

Segregation of Duties (SoD)

The principle that no single individual should control all phases of a critical process.

ISMS (Information Security Management System)

A systematic approach to managing sensitive information through people, processes, and technology.

Cookie Use on Our Site

To ensure the smooth functioning of our website, we use a limited number of cookies. These cookies are essential for providing you with the services available on our website and to use some of its features. Here is a brief overview:
  • vucavoid_session: This cookie is essential for user authentication. It ensures that your session is secure and recognizes you as you navigate through our site.
  • XSRF-TOKEN: This cookie is critical for website security. It helps protect against cross-site request forgery attacks.
  • latest_marketing_banner_visible_{MARKETING_BANNER_ID}: This cookie simply remembers if you have seen our latest site banner, enhancing your browsing experience without tracking your personal data.

These cookies are strictly necessary to deliver the website, and therefore, we do not require your consent to place these cookies. For more information, please visit our Privacy Policy.