THE IMPORTANCE OF CENTRAL AUTHORITY AND USER MANAGEMENT SYSTEMS IN E-WORLD

Egerszegi Krisztián <egerszegi@itm.bme.hu,krisztian@egerszegi.hu>

BME GTK Információ- és Tudásmenedzsment Tanszék

In this era of full swing of business, an extremely important theme is the IT security, whose achievement makes a considerable and important task. One of its branches is constituted by the reliable application of the integrated, authorised and centralised using of management systems.

It is highly probable that everybody has come across this practice through which the users stick to the screen a little yellow stamp note with the passwords they got during various applications written on it, and which they do not replace within a specific period of time or across their using of hollow passwords although this type of behaviour represents an enormous risk to the security of the system. On the other hand, it often occurs that a new employee cannot start working further on immediately after his being hired, as he hasn't come into possession of the adequate data concerning the informational background or of the rights to use the system. Here steps the debate on the centralised using of the management system in the circle, and if the already mentioned situation can “only” cause nuisance and loss of time, in case an employee leaves the company, then serious damage can occur if the rights to access the company network, its “fortune”, are not withdrawn immediately. It is enough to imagine that by taking advantage of his still valid rights, he can get to various confidential information concerning trade or, at the worst, modify or even destroy it.

By means of an adequate and adequately introduced, well-developed, authorised and practical management system, the above-mentioned problems can be avoided. Its application can be of great advantage, but it is important to think over what may happen if all this has already been introduced in the company, but it is not adequately used and, owing to a false safety impression, the noticed problems can be compensated only afterwards, which can also be settled, but the revealing of certain confidential information and the losses due to an eventual harming cannot be set off.

The lecture spotlights the totally secure usage of the above-mentioned systems and the avoiding of the problems that may occur.