Types of Data Access Control

Generally speaking, the different types of access control can be distinguished by how access is granted (DAC and MAC) and why access is granted (RBAC and ABAC).

Here, we guide you through the main types of Data Access Control and which might suit your company best:

Discretionary Access Control (DAC)

A main administrator grants each user a certain level of access according to their role. This method works best for smaller amounts of data/files and therefore might be a option for smaller companies that can rely on individuals to regulate their access access manually.

Mandatory Access Control (MAC)

A more centralised approach where access is granted based on the security level a person is working at. Consequently government and military agencies tend to adopt this approach. It’s a fairly standardised system with little flexibility for granting access on an individual basis.

Role-Based Access Control (RBAC)

As the name suggests, access is granted based on an individual’s role within an organisation. For example, an HR manager will need different information to the marketing manager and will therefore have access to different types of data in the network.

Attribute-Based Access Control (ABAC)

With a ABAC system, rather than access being granted based on a person’s role, access rights are based on a more complex set of criteria such as location, how long a person might need access for, teams the person works alongside, their environment and so on. ABAC essentially adds more layers of authentication for a more secure level of data access.

Torsion automatically applies ABAC to existing collaboration platforms. It uses machine learning to monitor data access, apply the correct access rights, ensure there is no suspicious activity and even revokes access when it is no longer applicable. For more information or a free trial email info@torsionis.com.