Access control is the process of granting or denying access to resources or services on a computer system or network. There are four main access control models: mandatory access control, discretionary access control, role-based access control, and rule-based access control. Access control can be implemented through logical methods like access control lists, group policies, account restrictions, and passwords or through physical methods such as locks, mantraps, video surveillance, and access logs. Strong access control policies and practices help ensure only authorized access and prevent security breaches.