ABSTRACT
Personnel within the organization need to be segregated from access to areas where they have no “need to know” for that area. The security director will have physical access to most of the facility but has no reason to access financial or HR data. The head of computer operations might have access to computer rooms and operating systems, but not the mechanical rooms that house power and HVAC facilities. It comes down to: Do not allow wandering within your organization. If you were working in the data center and you saw the line cook from the cafeteria walking through, how good would you feel about security and the protection of information?
