ABSTRACT
The above Webster’s definition can be restated for the
security practitioner as controlled access. In fact, every
aspect of an IT security practitioner’s job revolves around
the process of defining, implementing, and monitoring
access to information. This includes physical access. When
to use it, how much, and the best way to integrate it with
traditional IT security methods, are concepts the IT security
professionalmust be familiar with. The IT security specialist
need not be an expert, someone else will fill that role, but
effective policies and strategies should take into account the
benefits as well as limitations of physical protection.
Success depends on close collaboration with the physical
security office; they have more than just IT security on their
minds and a mutual respect for each other’s duties goes a
long way. Thus cross training can prove invaluable, parti-
cularly when an incident occurs. In essence, a layered,
multidisciplined approach can provide a secure feeling;
freedom from fear, doubt, etc. Controlled access is security.
SECURITY IS CONTROLLED ACCESS
