Physical Security Controls

Abstract

For this task, one may ask the importance of physical security in the digital era. Guarding the server room or any computer hardware by the security personnel is one of the vital security features that one should consider rather than protecting the informational technology asset through using a keyboard. In this write-up, we are to come up with a suitable worst occurrence whereby an invader conquers physical security pedals and bypasses access control, thus gaining access to the IT assets.

A scenario of physical attack

“The VA reported that some 26.5 million U.S. Veterans had been released since 1975 have been put at risk (Santa Cruz, n.d.) for identity theft after their electronic records were stolen from the residence of a U.S. Department of Veterans Affairs employee who wasn’t authorized to take the data home. (TechTarget, 2006) “

An interference concerning VA asset as narrated by Secretary R. James Nicholson to the press. According to him, no name of the employee took part in the intrusion. There was no time for an employee to access the data on the laptop, which was kept private at his house.

The intruder capitalized on the weak physical security access through negligence, where the intruder was able to defeat the physical security controls and gained access to the assets, thus gain control over the IT assets.

Physical access control is very vital when enforcing security measures apart from protection through monitor and keyboard. The act of limiting the access of the building, property or room to people who are allowed to enter the premises is what is referred to as physical access control (Wikimedia Foundation, 2017).

The controlling unit has to guard the customer’s raw facts and figure in any given situation where individual data is composed.  The FTC acclaims to “Take Stock,” “Scaled own,” besides “Lock it up.”  Keeping the smallest amount happens to be a better recommendation for data security while obtaining the data (Federal Trade Commission, 2016).

Handling confidential particulars to the organization seems to have specific guidelines for precise business, such as the act which personalized to the financial industry to be in particular banks, which was well-known as the “Gramm-Leach-Bliley Act.” It seems that in the case of VA that the employee took the information from the laptop, which was taken ton home thus tamper with the access control, which was in particular supposed to be at the VA in an environment which was physically controlled. This permitted the intruder to defeat physical security controls that should have been in place and walk away with the laptop very quickly. If “PERSONAL DATA PRIVACY AND SECURITY ACT OF 2007” was in place, then it could not have been possible for this menace to occur as it vividly entails how to handle personal data and meaningful private information in VA incident (Federal Trade Commission, 2016).

It is essential to enforce physical security access control to any IT assets as far as security of the meaningful information which is used for decision making is a concern. In today’s world of technology, which is full of cyberattacks, it is very much recommendable to enforce physical access controls.

References:

” Brenner, Bill. “Personal Data on 26.5 Million Veterans Stolen.” SearchSecurity. TechTarget, 10 July 2006.

Web. 18 May 2017.

“Security Breach Examples and Practices to Avoid Them.” Security Breach Examples and Practices to Avoid Them. Univ of California Santa Cruz, n.d. Web. 18 May 2017.

“Access Control.” Wikipedia. Wikimedia Foundation, 20 May 2017. Web. 21 May 2017.

“Protecting Personal Information: A Guide for Business.” Protecting Personal Information: A Guide for Business | Federal Trade Commission. Federal Trade Commission, 01 Oct. 2016. Web. 21 May 2017.