Compatibility security mode

What is Compatibility Security Mode?
Partitioned security mode is a security measure that restricts any user of a system's access to those parts of the system that the user needs to perform his or her functions. This prevents users from accessing data and / or functionality on a network or computer system that could pose a security threat to the system through unauthorized use.

The compartmentalized security mode is one of four security modes that make up mandatory access control systems (MAC systems).

In the past, large-scale systems were often compromised due to the widespread access to an organization's users. This widespread access meant that many users had access to data that they did not have access to in order to carry out their work or function. This means that for many possible reasons, such as: Damage caused by disgruntled users or former employees whose access was not removed quickly, data modified by users with a lack of curiosity or poor judgment, willful manipulation by data vandals and attempts by fraudsters.

By accessing administrative areas of a system, a user can shut down entire systems and networks, or unauthorized access to sensitive data can be used to compromise an organization. Restricting such access provides a measure of security from unnecessary vulnerability that limits the risk of data theft or corruption.

The security problems caused by giving users broad system access led to the development of a security mode for the unit as part of a suite of four security modes. These modes offer different security levels for data and systems and are listed in ascending security level.

Dedicated security mode (all users can access all data).

High security mode of the system (all users can access limited data on a 'must know' basis).

Compartmentalized security mode (if required, all users must access limited data according to formal access authorization).

Multilevel security mode (based on the required information, all users can access limited data according to formal access authorization and clearance).

Formal use of these modes includes determining the type of direct / indirect users, the data (including its classification and security sensitivity), and the functionality and data access users will need to perform their duties. A non-disclosure agreement (NDA) is part of the mandatory security mode requirements in all modes.