2011-10-01
IT security restricts access to the computer environment, but it is the enforcement of application security which prevents users from exceeding their limits of authorisation. Furthermore, it is the organisation’s approach to, and enforcement of, segregation of duties that minimises the risk of fraud. There are, however, additional elements of application security which can be monitored with ACL.
For example, comparing users’ last logon dates to their dates of termination highlights unauthorised access. Detecting multiple logons from the same user ID would be indicative of account sharing. Analysis could extend to comparing application access, network logs and IT asset records to identify logins from computers that are not assigned to a user. It might also extend to comparing holiday dates to access logs to highlight unusual activity. Analysis of failed access attempts from key accounts and users may also be of interest, as may suspicious patterns of password activity: multiple users with the same password, users who consistently change passwords at the same time, or users who frequently perform a reset.
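The checks described above are essentially joins and sequence comparisons across logon records, HR data and the asset register. The following Python script is an added illustration (not ACL code and not from the original post) that runs four of them over a small constructed dataset: logons after an HR termination date, logons from two different hosts within a short window (a shared-account indicator), logons from computers the asset register does not assign to that user, logons on recorded leave days, and a count of failed attempts per user. All record layouts, user names, host names and thresholds are assumptions chosen for the example; the password-pattern checks are omitted because they require credential data that this dataset does not model.

```python
from collections import defaultdict
from datetime import date, datetime, timedelta

# Constructed sample logon records: (user, host, timestamp, success).
# Not real data; the layout is an assumption for this example.
LOGONS = [
    ("asmith", "WS-0101", datetime(2011, 9, 5, 8, 55), True),
    ("asmith", "WS-0101", datetime(2011, 9, 6, 9, 2), True),
    ("bjones", "WS-0102", datetime(2011, 9, 5, 9, 10), True),
    ("bjones", "WS-0250", datetime(2011, 9, 5, 9, 15), True),   # second host, 5 min later
    ("cwong", "WS-0103", datetime(2011, 9, 12, 10, 30), True),  # after cwong's termination
    ("dlee", "WS-0104", datetime(2011, 9, 7, 8, 0), True),      # dlee is on leave that day
    ("ekhan", "WS-0105", datetime(2011, 9, 5, 7, 58), False),
    ("ekhan", "WS-0105", datetime(2011, 9, 5, 7, 59), False),
    ("ekhan", "WS-0105", datetime(2011, 9, 5, 8, 0), False),
    ("ekhan", "WS-0105", datetime(2011, 9, 5, 8, 1), True),
]

# Constructed HR, asset-register and leave data keyed the way the checks need them.
HR_TERMINATIONS = {"cwong": date(2011, 9, 9)}            # user -> termination date
ASSETS = {                                                # host -> assigned user
    "WS-0101": "asmith", "WS-0102": "bjones", "WS-0103": "cwong",
    "WS-0104": "dlee", "WS-0105": "ekhan", "WS-0250": "shared-kiosk",
}
LEAVE = {"dlee": {date(2011, 9, 7), date(2011, 9, 8)}}   # user -> set of leave days


def logons_after_termination(logons, terminations):
    """Successful logons dated after the user's HR termination date."""
    return sorted(
        (user, ts.isoformat())
        for user, _host, ts, ok in logons
        if ok and user in terminations and ts.date() > terminations[user]
    )


def concurrent_logons(logons, window=timedelta(minutes=10)):
    """Users with successful logons from two different hosts within `window`,
    a pattern consistent with a shared account."""
    by_user = defaultdict(list)
    for user, host, ts, ok in logons:
        if ok:
            by_user[user].append((ts, host))
    flagged = set()
    for user, events in by_user.items():
        events.sort()  # chronological order so adjacent pairs are compared
        for (t1, h1), (t2, h2) in zip(events, events[1:]):
            if h1 != h2 and t2 - t1 <= window:
                flagged.add(user)
    return sorted(flagged)


def logons_from_unassigned_hosts(logons, assets):
    """Successful logons from a computer the asset register assigns to someone else
    (or to nobody). Unknown hosts are flagged too, since assets.get() returns None."""
    return sorted({(user, host) for user, host, _ts, ok in logons
                   if ok and assets.get(host) != user})


def logons_during_leave(logons, leave):
    """Successful logons on a day the user is recorded as being on leave."""
    return sorted({(user, ts.date().isoformat()) for user, _host, ts, ok in logons
                   if ok and ts.date() in leave.get(user, ())})


def failed_attempt_counts(logons, threshold=3):
    """Users whose failed attempts reach `threshold`, with the count."""
    counts = defaultdict(int)
    for user, _host, _ts, ok in logons:
        if not ok:
            counts[user] += 1
    return {user: n for user, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    print("after termination:", logons_after_termination(LOGONS, HR_TERMINATIONS))
    print("concurrent hosts: ", concurrent_logons(LOGONS))
    print("unassigned hosts: ", logons_from_unassigned_hosts(LOGONS, ASSETS))
    print("during leave:     ", logons_during_leave(LOGONS, LEAVE))
    print("failed attempts:  ", failed_attempt_counts(LOGONS))
```

Each function returns the exceptions rather than printing them, so the same logic can feed a report or a further join (for example, restricting the failed-attempt check to a list of key accounts). The time window and failure threshold are tuning parameters; in a real review they would be set from the organisation's own baseline activity rather than the values assumed here.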
A powerful tool, ACL can be used to analyse IT system security, segregation of duties, and application controls. There are no limits to what can be achieved.