IT Governance, Risk, and Compliance

Feb 2 2009   7:38PM GMT

Access Control Convergence – Part 1

Robert Davis Robert Davis Profile: Robert Davis

Computer technology continues to advance toward a tiered decentralized world of distributed platforms for entering, processing, and retrieving information. Technological implementations are diverse and complex; however, all IT deployments should be protected from unauthorized usage utilizing suitable information asset access controls. Given IT interconnectivity, entities should also protect information assets from unauthorized manipulation to safeguard investments from risks associated with resource misuse. Consequently, information assets access control is typically viewed from two abstraction perspectives: physical and logical security.

Physical security provides tangible assets protection whether an item is at rest or in transit. Sub-categorically, information physical security involves reducing technological vulnerabilities, usually by limiting access to the buildings and rooms where information assets are housed, or by installing mechanical locks on devices. However, physical access controls should address not only the area containing hardware, but also wiring locations utilized to connect system elements, supporting services, backup media, and other items required for IT operational effectiveness.

Distinctively, logical security focuses on safeguarding intangible assets whether data is at rest or in transit. Logical access controls are the manual and electronic policies, procedures, and organizational structures deployed to safeguard symbolic objects. Essential elements for adequate logical access control are identification, authentication, authorization, and accountability.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: