Follow Mark on LinkedIn Follow @marknca on Twitter Follow marknca on YouTube
marknca

Mornings With Mark
no. // 0 0 0 3

Cybersecurity Basics #8 - Authentication, Authorization, & Need To Know

Subscribe to the podcast.

Watch the episode here

Join the discussion on LinkedIn

Tweet about this episode

Full machine generated transcript follows

Morning, everybody. Hope you're having a fantastic start to your day. This is mornings with Mark. We are going to continue the cyber security Basics topics today with one that people mix up time. In fact, as you can see, I'm outside and I'm so thankful. It wasn't easy to get these two concepts mixed station is the concept of what somebody is allowed to do authentication is making sure somebody is so authentic Asian is something that we all use all the time anytime you log in with a username and password and hopefully multi-factor authentication which we covered.

An authentication that's verifying that I'm me. So when I log in with Mark and my mornings with Mark on passwords on the cybersecurity, then what's going to happen is that the system is going to authenticate what I'm expecting your multi-factor is valid you are in fact Mark. I have authenticated verifying who somebody is a little loud to do.

So, let's say I'm logging into my email when I login mark it says, okay. I know your mom. Username and passphrase combination of the correct multi-factor authentication the data associated with Mark, but you can't see friends or Jose or Bob's or Pauline or Francine or whomever you are only authorized to see the data for that one user accounts as a pretty simple understandable explanation but indicated as yourself now, you're making a post in this post I or you can send it to friends and therefore Facebook is going to verify that Fred and Francine are in fact friends of Mark and now they are authorized Sissy.

Authorization work who you are are you tied directly to authorization? This is one that a lot of people struggle with because it goes against nature wanted to share things and I need to know so simply asked if you were a large clearance levels of organization that has certain clearances projects.

So it's a refinement of authorization because I trust you doesn't mean I trust you with everything are certain things that operate it makes more sense. If you're working with an organization and you have a partnership that you're working on and that's under a something like a non-disclosure agreement. That's a legal agreement between two parties that okay.

We are not going to share this information. Have you specific circumstances about it? No, so they may be authentic internal employees. We want them to be excited about the partnership and certainly that maybe and they might want one or two people working on this early, but not everybody in the Shell butter to make some features in and then there's a squad.

Is the fact there's a risk if you have this partnership that is still leak out. Can I make sure I know who you are and I need to know what these are very I'm chopping block. Very simple to do very easy to do if you know what to look for most falls down is that as can be complicated to administer in a narrow ass or we're going to do I strongly encourage you to try to be no issue the more information helpful.

How do you apply let me know online? also on the broader sense of this series of cybersecurity basics Morning, everybody. Hope you're having a fantastic start to your day. This is mornings with Mark. We are going to continue the cyber security Basics topics today with one that people mix up time.

In fact, as you can see, I'm outside and I'm so thankful. It wasn't easy to get these two concepts mixed station is the concept of what somebody is allowed to do authentication is making sure somebody is so authentic Asian is something that we all use all the time anytime you log in with a username and password and hopefully multi-factor authentication which we covered.

An authentication that's verifying that I'm me. So when I log in with Mark and my mornings with Mark on passwords on the cybersecurity, then what's going to happen is that the system is going to authenticate what I'm expecting your multi-factor is valid you are in fact Mark. I have authenticated verifying who somebody is a little loud to do.

So, let's say I'm logging into my email when I login mark it says, okay. I know your mom. Username and passphrase combination of the correct multi-factor authentication the data associated with Mark, but you can't see friends or Jose or Bob's or Pauline or Francine or whomever you are only authorized to see the data for that one user accounts as a pretty simple understandable explanation but indicated as yourself now, you're making a post in this post I or you can send it to friends and therefore Facebook is going to verify that Fred and Francine are in fact friends of Mark and now they are authorized Sissy.

Authorization work who you are are you tied directly to authorization? This is one that a lot of people struggle with because it goes against nature wanted to share things and I need to know so simply asked if you were a large clearance levels of organization that has certain clearances projects.

So it's a refinement of authorization because I trust you doesn't mean I trust you with everything are certain things that operate it makes more sense. If you're working with an organization and you have a partnership that you're working on and that's under a something like a non-disclosure agreement. That's a legal agreement between two parties that okay.

We are not going to share this information. Have you specific circumstances about it? No, so they may be authentic internal employees. We want them to be excited about the partnership and certainly that maybe and they might want one or two people working on this early, but not everybody in the Shell butter to make some features in and then there's a squad.

Is the fact there's a risk if you have this partnership that is still leak out. Can I make sure I know who you are and I need to know what these are very I'm chopping block. Very simple to do very easy to do if you know what to look for most falls down is that as can be complicated to administer in a narrow ass or we're going to do I strongly encourage you to try to be no issue the more information helpful.

How do you apply let me know online? also on the broader sense of this series of cybersecurity basics