Evaluation Of A Access Control Policy

855 Words Sep 1st, 2014 4 Pages
the users logon onto window the secure token is needed
3.4.2 Authorization
Authorization – all of the sensitive data and all financial data are stored in the active directory. And they are using a feature called authorization manager. This program is giving an access control policy
3.4.3 Availability
Availability – CBA is using high availability through redundancy load balancer are used to direct client traffic to the web service servers, to ensure that the web service are always available.
3.5 Monitoring
Monitoring – is important not only on the server in the data center, but also on the 52.000 distributed clients.
3.5.1 Monitoring in the data centre
• CBA requires a team for monitoring and operations such as monitoring server in several environment, penetration test, and production.
• Monitoring server health and the web service server such as monitoring the memory and disk usage to ensure are they in acceptable parameters.
3.5.2 Monitoring on the clients CBA is using the flight recorder which able to perform recording on all of the clients activity and behaviour.
3.6 CBA SECURITY INFRASTRUCTURE
I would like to describe the list of all kind of security that CBA implement:
• Security app services bank o Encryption – transport layer o Application whitelist & blacklist o URL authorization o Automatic Website isolation o Digital certificate & code signing o Remote access
• Security data service o Encryption all of the data within the company
• Security server o Malware…
Open Document