Objects can include hardware like printers, files and folders on the network, or even access to the routers and servers that control the flow of traffic going in and out of the network. Each entry on the ACL specifies which users have access to an object, and if they have access it can specify specific permissions. For instance, a group of users may have read-only permission for a certain file. Within that group of users, one person may also have permission to edit and/or delete that file. Another example may involve a printer. A group of users may have permission to print to the specified printer, but one or two users within that group may also have permission to view and control the queue for that printer so they can assist with troubleshooting said printer.
Given that this list controls who has access to company resources and how much access they have to those resources that administrators should be the ones who control the ACL for their network. While it seems like it could be a lot of work for the network administrator to set these permissions, in the long run this could potentially save the company the time, money and headaches that could be the result of mismanaged resources. When it comes to network resources like servers and routers, especially, permissions should be handled only by administrators to ensure that security protocols are handled properly. If control of the ACL was in the wrong hands, security could be breached, network resources could be abused, and if the company wanted to audit where resources were being used it could become a logistical nightmare.
Rouse, M. (January...