Which measure ensures that only authorized individuals can access sensitive information?

Access control is a fundamental security measure that restricts access to sensitive information to only those individuals who have been given explicit permission. This practice involves setting up permissions and policies that determine who can view or manipulate data based on their roles within an organization. It ensures that employees, partners, or any other users only have access to the information that is necessary for them to perform their specific duties.

Access control can be implemented through various methods such as role-based access control (RBAC), mandatory access control (MAC), or discretionary access control (DAC). By enforcing these mechanisms, organizations can protect sensitive information from unauthorized access, thereby reducing the risk of data breaches and ensuring compliance with regulations.

In contrast, data redundancy refers to storing copies of data to prevent loss, data backup involves creating backups to recover information in case of data loss, and network segmentation separates networks to enhance security but does not directly control access to information. While all these measures contribute to a broader security strategy, access control is specifically aimed at verifying and managing who can access sensitive information.