Physical Security comes along with some key components. First off, there are categories of Physical Security arranged in order of priority from a low level to top level typically termed Maximum Level Security or Maximum Security. Maximum Security Analyses can be defined as the complete breakdown and explanation of highly risky/categorized components and features of Physical Security planning considered the most important for a firm or organization.
Maximum Security is a term mostly used in prisons used to house the most dangerous criminals, and there is a correlation when it comes to data, equipment and personnel protection. In a Physical Security plan, the Maximum Security Policy is one of the most important. The Psychology of the development of Maximum Security policies is much more than base physical planning such as identification of risk-averse areas, use of biometrics for access, clearance levels and so on (Schumacher et al., 2013). There is a mental methodology in the approach of Maximum Security Analyses, and this is, in essence, the psychology of maximum security analyses.
In the design of a physical security plan, many experts recommend including Information Security Architecture, ISO 1779 to consider a psychological approach towards physical security planning (Wickens et al., 2015). In the case of a company say an Information Technology firm, it is composed of employees of different expertise, job groups, clearance and so on. The Maximum Security component of Physical Planning may not necessarily encompass all personnel- some employees may not have the authorization to access some types of information, some premises in the company and such restrictions as outlined in the Physical Security plan (Young & Leveson, 2014).
It is essential to consider the feelings of the employees who do not have clearance to access specific information or rooms so that they do not feel left out. In the policy it can be stated, for example, that "Only top-level managers of A, B, C departments can access this server room" and in case such a policy is broken appropriate measures are taken such as "thirty-day suspension to the manager responsible without pay." When low-level employees see the maximum security system in implementation, they are more likely to concentrate on doing their jobs to their level best, seek promotion rather than feel left out of their lowly position.
Information is arguably the most valuable resource in the 21st century. That is the reason why files and documents are labeled "Confidential," "Top Secret" and so on. Servers containing sensitive information are categorized Maximum Security. Measures to secure this information from hacking, cyber-attack and other forms of information loss have to be top-level too (Peltier, 2013). It is essential for such because it enables employees and stakeholders to keep in mind their primary components and accord it similar treatment.
Concerning the advertisement of security system capabilities, I agree with it to some extent. Publication helps show the weakness of the security system, and this is a good thing because it eliminates over-reliance on the security system. At the same time where the system cannot perform a particular function, standard manual procedures may bridge this gap. In case of fault then the human personnel take responsibility rather than the system. There is a challenge with this approach though in that the developers of the system may not be inclined and challenged to improve and upgrade the system in place. The best way forward is to advertise some capabilities of the system and keep other components such as about maximum security to only select individuals or artificial intelligence which unlike humans, are programmed to do specific jobs with no self-interest (Gonzales et al., 2017). The importance of this is if there are weaknesses in the system, then they can be solved privately away from public scrutiny. Additionally, if the system is compromised then finding the culprits is easier because the list of individuals to investigate is narrower than when everybody knows it.
Gonzales, D., Kaplan, J. M., Saltzman, E., Winkelman, Z., & Woods, D. (2017). Cloud-trust: A security assessment model for infrastructure as a service (IaaS) clouds. IEEE Transactions on Cloud Computing, 5(3), 523-536.
Peltier, T. R. (2013). Information security fundamentals. CRC Press.Schumacher, M., Fernandez-Buglioni, E., Hybertson, D., Buschmann, F., & Sommerlad, P. (2013). Security Patterns: Integrating security and systems engineering. John Wiley & Sons.Young, W., & Leveson, N. G. (2014). An integrated approach to safety and security based on systems theory. Communications of the ACM, 57(2), 31-35.
Wickens, C. D., Hollands, J. G., Banbury, S., & Parasuraman, R. (2015). Engineering psychology & human performance. Psychology Press.
If you are the original author of this essay and no longer wish to have it published on the collegeessaywriter.net website, please click below to request its removal:
- Review of Engstrom Case Study - Essay Sample
- Personal Essay Sample on Coffee Consumption
- Stages of Team Building - Essay Example
- Harassment Training Plan - Paper Example
- Summary of Course Content: Human Resources Module
- Theoretical Outlook at Trinity Social Services and the NASW Code of Ethics - Paper Example
- Changing Behaviors - Essay Sample