Physical Security: Controlled Access and Layered Defense

The above Webster’s definition can be restated for the security practitioner as controlled access. In fact,

every aspect of an IT security practitioner’s job revolves around the process of defining, implementing,

and monitoring access to information. This includes physical access. When to use it, how much, and the

best way to integrate it with traditional IT security methods, are concepts the IT security professional

must be familiar with. The IT security specialist need not be an expert, someone else will fill that role, but

effective policies and strategies should take into account the benefits as well as limitations of physical

protection. Success depends on close collaboration with the physical security office; they have more than

just IT security on their minds and a mutual respect for each other’s duties goes a long way. Thus cross

training can prove invaluable, particularly when an incident occurs. In essence, a layered, multi-

disciplined approach can provide a secure feeling; freedom from fear, doubt, etc. Controlled access

is security.