From information to cyber and even physical, the core questions anchoring all security issues are: who is granted access to an object and why are they given the right to do so?
The task of determining who is given the ability to carry out actions is not necessarily complicated. It can often follow a certain logic. For example, a property owner determines who can enter the premises. If the owner rents out the property, the tenant could also grant access to others within the contract conditions. This relatively simple principle can be easily replicated. However, when applied to other contexts such as information and data systems, it proves to be much more complex. When discussing information, there is a clear case of multiple owners and multiple types of owners and users, meaning that the 'Who, What, and Why’ has deeper implications.
Read more by downloading the whitepaper below!