Accountability Explained

Accountability Explained 150 150 CloudGovCo

When using a computer system, individuals are responsible & accountable for their actions through Identification and Authentication:

  • Identification recognizes the log-on ID
  • Authentication verifies the log-on ID

When you use an information system you are responsible and accountable for your actions.  All information systems should provide a means by which individual users can be held individually accountable for their actions through the use of Identification and Authentication.

Identification is the process whereby a system recognizes a valid user’s identity, that is the log-on ID.

Authentication is the process of verifying the claimed identity of a user with a password, PIN or other device.

Sensitive systems, such as banking, should use multifactor authentication with two or more items to validate.

The common practice of using an email address for identification is simple. It’s also insecure because a hacker can easily get your email. If this is necessary, for example on FaceBook or LinkedIn, set up a separate email account that you use for log-ons only.