heygrc

Logical access control

Logical access control is restricting who and what can reach a system or data to those authorized to have it, the digital equivalent of locks and keys. It is central to SOC 2's logical-access criteria, CC6.1 in particular, and appears across every security framework.

In code

It is enforced by IAM policies, authorization checks on routes, database grants, and OAuth scopes. It weakens in a diff when a role gains a wildcard grant, an authorization check is dropped from a route, or a default flips from deny to allow.
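As an added example (not heygrc's code), the following default-deny evaluator and diff check flag the three weakenings named above over a constructed before/after policy; the policy shape with "default", "roles" and "routes" keys is a hypothetical one chosen for the illustration.

```python
# Added example (not heygrc's code): a small default-deny evaluator plus a
# regression check over two constructed policy versions, flagging a wildcard
# grant, a dropped route check, and a default flipped from deny to allow.
# The policy shape ("default", "roles", "routes") is hypothetical.

def is_allowed(policy, role, action):
    """Grant only on an explicit permission or wildcard; else use the default."""
    perms = set(policy["roles"].get(role, []))
    if action in perms or "*" in perms:
        return True
    return policy.get("default", "deny") == "allow"


def route_allowed(policy, route, role):
    """Unmapped routes are denied; a route mapped to None has lost its check."""
    if route not in policy["routes"]:
        return False
    required = policy["routes"][route]
    if required is None:  # authorization check dropped: anyone reaches the route
        return True
    return is_allowed(policy, role, required)


def access_regressions(before, after):
    """List the ways `after` grants more access than `before` (a diff check)."""
    findings = []
    if before.get("default", "deny") == "deny" and after.get("default", "deny") == "allow":
        findings.append("default flipped from deny to allow")
    for role, perms in after["roles"].items():
        old, new = set(before["roles"].get(role, [])), set(perms)
        if "*" in new and "*" not in old:
            findings.append(f"role {role!r} gained wildcard")
        elif new - old:
            findings.append(f"role {role!r} gained {sorted(new - old)}")
    for route, required in after["routes"].items():
        if required is None and before["routes"].get(route) is not None:
            findings.append(f"route {route!r} no longer requires a permission")
    return findings


# Constructed sample: an access policy before and after a risky change.
BEFORE = {"default": "deny",
          "roles": {"admin": ["users:read", "users:write"], "viewer": ["users:read"]},
          "routes": {"/users": "users:read", "/admin/users": "users:write"}}
AFTER = {"default": "allow",
         "roles": {"admin": ["*"], "viewer": ["users:read"]},
         "routes": {"/users": "users:read", "/admin/users": None}}

if __name__ == "__main__":
    for finding in access_regressions(BEFORE, AFTER):
        print("WEAKENED:", finding)
```

Run as a script it prints one WEAKENED line per finding; wired into CI, a non-empty list from access_regressions is the signal to block the change for review.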