
Guidelines and Procedures for Physical Controls and Processes

   

Added on  2023-04-23

Guidelines and procedures to implement and maintain physical controls and processes
Control methods -
Administrative controls:
Policies and procedures
Through policies and procedures, senior management decides exactly what role
the security features have to play. Management is responsible for the
security policies.
personnel controls
Employees have to interact with various security mechanisms. These controls
specify the action to be taken when an employee is hired, terminated, etc.
supervisory controls
In this approach each employee is placed under a supervisor who monitors the
actions of the employees under him/her. If an employee commits fraud, both
the employee and his/her supervisor are punished.
security-awareness training
Proper training has to be given to the employees of the company about the
security standards the company maintains and how to abide by and follow the
security laws.
Most of the company security issues depend on the technology and the people
using it. It is up to the employees to use it properly to reduce the risk of any
incident related to security (Neves, Soares, Sargento, Pires & Fontes, 2011).
testing
The main objective of testing is to check, on a regular basis, that all the
security controls, mechanisms and procedures used to run security techniques
are working properly.
Physical controls
control zone
The company is divided into zones, and each zone is assigned a different level
of security. For example, the front office can have a low level of security,
whereas the Research & Development department could be considered top-level
security (Ojobor & Omosigho, 2016).

perimeter security
Employees enter the company by passing an authorized security guard who checks
employee ID cards before permitting them to enter the company.
Another level of perimeter security can be a biometric scan of the employee's
thumb/finger before entering the department.
CCTV surveillance at the parking area or at the workplace.
computer control
Physical controls are configured and installed to protect the confidential
data.
work area separation
Separate work areas for different employees in the company according to their
designation.
For example, a clerk cannot enter the research area to disrupt the test data.
data backups
Servers have to be maintained to back up data so that if any data is lost due
to security breaches, the backed-up data will help to recover it.
network segregation
A large network can be segregated into smaller networks.
Each subnetwork is protected with various security levels and can be
accessed only by authorized persons (Pathari & Sonar, 2012).
Technical Controls
system access
Depending upon the architecture of an organization, different types of controls
and security can be used.
network access
Only authorized personnel can access certain logical controls such as routers,
switches and firewalls.
Encryption and protocols
