The organization implements role-based access control with predefined access roles for the various protected assets that entitle access to the associated asset. Strictness of the access roles should reflect the security risks associated with the asset.
The following should be considered to support access management:
By monitoring the amount of information shared in cloud services, efforts can be made to identify risks that could lead to unauthorized disclosure of information. With respect to files one may e.g. monitor: