m Clarified that the CIA triad refers to confidentiality, integrity and availability, and provided more meaningful examples of the dual use of controls |
Add appropriate reference to Preventative Control citing the Zero Trust CloudSec AccuKnox blog. Tags: Reverted Visual edit |
Line 24:
;Preventive controls
:The main objective of preventive controls is to strengthen the system against incidents, generally by reducing if not actually eliminating vulnerabilities, as well as preventing unauthorized intruders from accessing or entering the system.<ref>Virtue, T., & Rainey, J. (2015). Preventative Control - an overview | ScienceDirect Topics. Retrieved October 13, 2021, from <nowiki>https://www.sciencedirect.com/topics/computer-science/preventative-control</nowiki></ref> This could be achieved by either ''adding'' software or feature implementations (such as firewall protection, endpoint protection, and multi-factor authentication), or ''removing'' unneeded functionalities so that the attack surface is minimized (as in [[unikernel]] applications). Additionally, educating individuals through security awareness training and exercises is included in such controls due to the human error being the weakest point of security. Strong authentication of cloud users, for instance, makes it less likely that unauthorized users can access cloud systems, and more likely that cloud users are positively identified. All in all, preventative controls affect the likelihood of a loss event occurring and are intended to prevent or eliminate the systems’ exposure to malicious action.<ref>{{Cite web |title=Zero Trust: The Future of Cloud Security |url=https://www.accuknox.com/blog/zero-trust-cloud-security-future |access-date=2023-06-20 |website=www.accuknox.com |language=en}}</ref>
;Detective controls
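Review bot: The reference added at the end of the Preventive controls paragraph backs a general statement (that preventative controls affect the likelihood of a loss event) with a company blog post on www.accuknox.com about zero trust, and its {{Cite web}} call carries no author, date or publisher. Suggest citing an independent source on preventive controls instead, or at minimum filling in those fields so the source can be assessed. The same paragraph mixes "preventive" (the definition heading and first sentence) with "preventative" (the closing sentence); pick one spelling. The first reference is free text with the URL wrapped in nowiki tags while the new one uses {{Cite web}}, so converting the first to the same template would keep the citations consistent.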