Access to communication devices should be restricted by physical security access controls. As a particular, access to the communication devices should be restricted in much the same way that access is restricted to a data center. For example, typically, the door to the data center is locked; with entry gained by key, card, badge, or some other authentication technique. However, in many technologies, this may not be possible because the communication devices are physically and organizationally dispersed.
Dispersion of communication devices to insular locations makes it difficult or impossible to establish data center type physical security, especially when communication devices are mobile. In such situations, access should be restricted by installation of physical device locks. These types of locks restrict usage of communication devices to those who possess the appropriate token(s).
Post Note: “Online Data Communication Access Controls – Part I” was originally published through Suite101.com under the title “Online Data Communication Access Controls”
Hot off the dotted line! MetricStream dba ComplianceOnline has commissioned me to contribute training material.