Physical Security Essay
However, this chapter advised that physical security should be implemented in layers. The concept behind this is that if one layer fail, then the other one will still function in achieving the primary goal, which is security. To protect company’s asset, the layer must start from the perimeter towards the assets. All in all, whatever the type of physical security control mechanism implemented, it must satisfy the security triad, CIA (Confidentiality, Integrity and Availability).
Specifically, this chapter also indicates that the type of assets to be protected or the nature of the assets involved in the company’s business operation will determine the type of physical security measure to be deployed. Also, the regulatory body involved in the company business operation most times stipulate the acceptable physical security required, which the company must comply to. In addition, this chapter emphasized on the threat profile of the industry in which the company operates as another area to be considered when analyzing physical security. His invariably is proportional to the acceptable risk level. Moreover, the success of any physical security is dependent on the design of the security program, the objective of the program and available resources to design the physical …show more content…
It however explained how smart card can be used as an access control mechanism as well as locks, in securing facility or system. This chapter also discussed about Electronic Access Control (EAC) tokens and how useful it is in protecting and controlling entrances into physically controlled area. Intrusion Detection System was also evaluated in this chapter as an essential tool in detecting any strange changes within the physical environment or system. Once the IDSs capture any strange change, it alerts the responsible entities and proper action will be taken to evaluate the situation and react to it. In all, physical security though, was often not considered when addressing information security, but it is a key area that touched people, data, system, buildings and all company