If different user groups with different security access levels need to access the same information, which of the following actions should management take?
A.
Decrease the security level on the information to ensure accessibility and usability of the information
B.
Require specific approval each time an individual needs to access the information
C.
Increase the security controls on the information
D.
Increase the classification label on the information
Explanation:
If data is going to be available to a wide range of people, more
security should be implemented to ensure that only the necessary people access the
data and the operations they carry out are controlled. The security implemented can
come in the form of authentication and authorization technologies, encryption, and
specific access control mechanisms.