From Theory to Practice: Implementing Effective Role-Based Access Control Strategies to Mitigate Insider Risks in Diverse Organizational Contexts

Marquis, Yewande Alice (2024) From Theory to Practice: Implementing Effective Role-Based Access Control Strategies to Mitigate Insider Risks in Diverse Organizational Contexts. Journal of Engineering Research and Reports, 26 (5). pp. 138-154. ISSN 2582-2926

Abstract

This study investigates the effectiveness of Role-Based Access Control (RBAC) systems in mitigating insider threats to database security within various organizational environments. Insider threats represent a significant challenge for database security, necessitating robust and adaptive security measures. By delineating access based on users' roles within an organization, RBAC emerges as a critical tool against such threats. Employing a quantitative research methodology, this work gathered data through a survey targeting professionals directly involved in the security and management of organizational databases across technology, finance, healthcare, and government industries. The study utilized Confirmatory Factor Analysis (CFA) and Structural Equation Modeling (SEM) to validate the measurement model and analyze the relationships between RBAC effectiveness, implementation challenges, RBAC enhancements, and their collective impact on insider threat reduction. Findings indicate that RBAC effectively reduces unauthorized access and data breaches, significantly mitigating insider threats. However, implementation challenges such as role definition complexity and adapting to dynamic access needs emerge as notable obstacles. Enhancements in RBAC, mainly through integrating technologies like machine learning and dynamic access controls, are identified as critical mediators that enhance RBAC's effectiveness. The study concludes that while RBAC is a vital tool for database security, its success depends on continuous improvement and customization to specific organizational contexts. It recommends developing continuous enhancement programs for RBAC systems, specialized training for administrators, and the customization of RBAC strategies to meet unique organizational and industry needs. These measures are crucial for optimizing RBAC's effectiveness against insider threats.

Item Type: Article
Subjects: European Scholar > Engineering
Depositing User: Managing Editor
Date Deposited: 11 Apr 2024 06:03
Last Modified: 11 Apr 2024 06:03
URI: http://article.publish4promo.com/id/eprint/3348
