
What is Access Control?

Access control is the process of granting or denying requests to access systems, data, or physical resources based on predefined security policies. It determines whether a user, device, or system can interact with a resource. In other words, it enforces authorization decisions after identity is established.

How does access control work?

Access control operates as part of identity and access management workflows.

The process typically includes:

  • Authentication: Verifying identity using credentials or MFA
  • Authorization: Defining what actions are permitted
  • Enforcement: Allowing or denying access based on policy

Additionally, modern systems evaluate context such as device state or location before granting access.

Core components

Component          Description
Subject            User, device, or system requesting access
Object             Resource such as an app, network, or data
Policy             Rules that define access conditions
Enforcement point  System that evaluates and applies decisions

These components work together to enforce structured and auditable access decisions.

Common models

Organizations implement different authorization models depending on risk and scale.

  • Role-Based (RBAC) – Access is assigned based on job roles
  • Attribute-Based (ABAC) – Access decisions use attributes like device, time, or location (Wikipedia)
  • Discretionary (DAC) – Resource owners define permissions
  • Mandatory (MAC) – Central authority enforces classification-based access

For example, ABAC enables conditional decisions based on device compliance or user context.
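
The sketch below is an added example, not Hexnode's or any identity provider's code. It combines an RBAC role check with ABAC device-posture conditions under a default-deny rule, and records each decision at the enforcement point. The role names, the resource name and the OS baseline are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed RBAC table (hypothetical roles): role -> allowed (action, object) pairs.
ROLE_PERMISSIONS = {
    "finance-analyst": {("read", "payroll-db")},
    "finance-admin": {("read", "payroll-db"), ("write", "payroll-db")},
}
MIN_OS_VERSION = (14, 0)  # assumed compliance baseline, not a vendor default

@dataclass(frozen=True)
class Subject:
    user: str
    roles: frozenset
    authenticated: bool  # result of the earlier authentication step

@dataclass(frozen=True)
class Device:
    managed: bool
    encrypted: bool
    os_version: tuple  # e.g. (14, 2)

def decide(subject, device, action, resource):
    """Policy decision. Default deny: every check must pass to allow."""
    if not subject.authenticated:
        return False, "authentication incomplete"
    # RBAC: at least one of the subject's roles must grant the action.
    granted = any((action, resource) in ROLE_PERMISSIONS.get(r, set())
                  for r in subject.roles)
    if not granted:
        return False, "no role grants this action"
    # ABAC: device attributes gate the request even when a role allows it.
    if device is None or not device.managed:
        return False, "unmanaged device"
    if not device.encrypted:
        return False, "disk not encrypted"
    if device.os_version < MIN_OS_VERSION:
        return False, "OS below baseline"
    return True, "role and device posture satisfied"

def enforce(subject, device, action, resource, audit_log):
    """Enforcement point: apply the decision and keep an auditable record."""
    allowed, reason = decide(subject, device, action, resource)
    audit_log.append({"user": subject.user, "action": action,
                      "resource": resource, "allowed": allowed,
                      "reason": reason})
    return allowed
```

A missing device record is treated the same as an unmanaged device, so a request that arrives without posture data is denied rather than allowed through.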

Why does it matter?

Access control is a foundational security control that protects confidentiality and system integrity.

It helps:

  • Limit access to authorized entities only
  • Reduce risk from excessive or outdated permissions
  • Support compliance with frameworks such as NIST and ISO

However, distributed systems and inconsistent policy enforcement can introduce gaps, especially at scale.

How does Hexnode support access control?

Access decisions are enforced by the identity provider, not endpoint management platforms.

However, Hexnode contributes contextual signals that inform those decisions.

Hexnode:

  • Provides device posture and compliance signals such as OS version, encryption, and security settings
  • Supports policy-based access workflows by integrating device compliance with identity systems
  • Provides visibility into endpoint state, helping organizations assess whether a device meets access requirements

As a result, security teams can incorporate endpoint context into access strategies and help reduce risk from unmanaged or non-compliant devices.

FAQs

What is the difference between authentication and access control?

Authentication verifies identity, while access control determines whether access is allowed.

What are the main types of access control?

RBAC, ABAC, DAC, and MAC are the most commonly used models.

Is access control the same as authorization?

They are closely related. Authorization defines permissions, while access control enforces them.

Why is access control important in cybersecurity?

It restricts access to sensitive systems and data, helping reduce unauthorized use.