  
|
|
|
|
Dual Control
A control procedure whereby the active involvement of two people is required to complete a specified process. Such control may be physical; e.g. two persons required to unlock the Data Safe, or logical; as in the case of a higher level authorisation password required to permit the entry of data created or amended by another person. Dual Control is one of the foundations of Information Security as it is based upon the premise that, for a breach to be committed, then both parties would need to be in collusion and, because one should always alternate the pairs of people, it would require a much greater level of corruption in order to breach dual control procedures; especially is such procedures require nested dual control access, such that (say) 2 pairs of people are required to enable access. If this procedure appears someone 'dated' in today's 21st century 'wired' environment, please note that in 2000 a number of vendors started to sell 'Trusted Operations Systems', which enforce the requirement for dual control and the separation of duties, to provide substantially greater Information Security.
|
|
|
|
| 
|
|
|
This Glossary forms part of the RUsecure Security Policy Suite... visit
|
|
Use of the guidance contained within RUsecure™ is subject to the
|
|
|
See also the
|
This site created with
|
