To protect against unauthorized access, it’s essential to establish rules and policies for authenticating and authorizing users. Access control serves as the mechanism for imposing these protections, determining who or what is permitted to perform actions or access resources within the organization.
Source: Tripwire – The State of Security