Security the Implementation of System-Level

¶ … Security

The implementation of system-level security in conjunction with physical security is vital to keeping an enterprise's systems, data, and identity safe from theft and misuse over time. Combining physical security and system-level software security requires a highly integrated strategy that provides for enough control over each security component yet also has enough customization to allow for agile process-based access and support (Aronson, 2005). The challenge of creating an integrated security strategy that encompasses the physical components of a security plan, and makes them complimentary for the system-level network access points, operating systems and applications requires a process-based approach to evaluating how data is used throughout an organization and with external partners and suppliers. For many organizations their security plan is now more virtual in scope, concentrating on how to best provide for security of the actual location of their complex of IT systems and applications while not constricting their use to complete the most simple to complex tasks any organization needs to sustain in order to stay viable (Kim, 2008).

The components of physical security of any enterprise-wide system must begin with authentication of those who have access and a continual auditing of system status over time. The first level of security is designed to block potential thieves or vandals from physically breaking into the systems and destroying them. This first level of security also focuses on securing systems from natural disasters including earthquakes, hurricanes or tornados. Often to provide for this level of security, enterprise systems are often in the basements of secured buildings or located in the center of larger buildings to protect them from the high winds and flying debris that occur in natural disasters. This location-based approach to system security also forces system designers to provide a connectivity strategy that is also flexible enough to allow new systems to be added in the secured area, yet stable enough to protect them over time (Johnson, 2008). There is a trade-off with regard to this first layer to ensure a high level of physical security that does not compromise the system-level flexibility and support. This first level of support can be as simple as locks, fireproofing and safes to biometrically based access as well. The components of physical security are surveillance and notification systems. These are systems that react to smoke, intrusion or a threat in the form of a break-in for example. Using motion sensors, intrusion detection equipment and closed-circuit televisions are all part of this step, as are continual centralized monitoring of the entire site as well. Organizations have successfully been able to integrate emergency self-start shutdown procedures for systems when intruders are discovered, disabling all system access to protect the data. A third class or component of security is the reliance on combining physical monitoring systems with the actual enterprise systems to ensure all data and operating parameters are backed up periodically, and in the event of a natural disaster or a theft, the enterprise systems' performance can be restarted immediately. Advanced strategies organizations are using at this level include attempting to capture the attackers by locking them into the computing complex and also taking their pictures via video and sending them to monitoring agencies including the police and FBI in real-time.