Saturday 04 July 2026 02:00:13 GMT+02:00

Netcrook


WIKICROOK

Separation of duties

A control that splits sensitive responsibilities across different people or roles.

Separation of duties is a security control that divides sensitive work across different people or roles. No single person should be able to complete a high-risk action end to end, such as approving access, changing records, and exporting data without review. The goal is to reduce both mistakes and abuse by making critical actions depend on oversight.

In cyber security, separation of duties helps limit insider risk and makes misuse harder to hide. It is commonly enforced through role-based access control, approval workflows, dual authorization, and audit logging. On the attack side, when one account can do too much, an intruder or malicious insider can move faster and faces fewer obstacles. On the defense side, splitting responsibilities creates checks and balances: one team can request, another can approve, and a third can verify. This control does not stop every threat, but it makes unauthorized actions easier to detect and harder to complete silently.
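
The request/approve/verify split described above, as an added example that is not part of the original entry: a Python sketch that audits role assignments for accounts holding conflicting duties and refuses to let one person perform two steps of the same change, logging every attempt. Role names, duty names and the `Change` class are constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed RBAC data (assumption): role -> duties it grants.
ROLE_DUTIES = {
    "requester": {"request"},
    "approver": {"approve"},
    "auditor": {"verify"},
    "superadmin": {"request", "approve", "verify"},
}
ORDER = ["request", "approve", "verify"]
# Duty pairs that no single account may hold (static separation).
CONFLICTING = [{"request", "approve"}, {"approve", "verify"}, {"request", "verify"}]


def duties_of(roles):
    """Union of duties granted by a list of role names; unknown roles grant nothing."""
    return set().union(*(ROLE_DUTIES.get(r, set()) for r in roles))


def static_conflicts(assignments):
    """Return {user: [conflicting duty pairs]} for accounts that can do too much."""
    findings = {}
    for user, roles in assignments.items():
        hits = [sorted(pair) for pair in CONFLICTING if pair <= duties_of(roles)]
        if hits:
            findings[user] = hits
    return findings


@dataclass
class Change:
    """One high-risk action that must pass through three different people."""
    action: str
    actors: dict = field(default_factory=dict)      # duty -> user who performed it
    audit_log: list = field(default_factory=list)   # every attempt, allowed or not

    def perform(self, duty, user, roles):
        allowed = duty in duties_of(roles)                   # RBAC check
        in_order = ORDER[len(self.actors):][:1] == [duty]    # request -> approve -> verify
        distinct = user not in self.actors.values()          # dynamic separation
        ok = allowed and in_order and distinct
        self.audit_log.append((self.action, duty, user, "ok" if ok else "denied"))
        if ok:
            self.actors[duty] = user
        return ok

    def complete(self):
        return list(self.actors) == ORDER
```

The static check finds over-privileged accounts before they act; the per-change check still blocks a `superadmin` from approving their own request, and the denied attempt stays in `audit_log` for review.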
