Security perimeters should be defined and used to protect areas that contain information and other associated assets.
This control emphasises on the notion that considering physical security is as important as digital security.
Most organisations ignore physical security because they rely on general security maintained by law enforcement. However, for an organisation, it is important to find out its position in the overall threat spectrum. This means that depending on the nature, size, and type of industry; every business has an adversary of some kind.Law enforcement is indeed responsible for securing the physical environment in a country, city, town, and business space. Nonetheless, it is a myth to perceive that law enforcement organisations have their eyes 24/7, let’s say, on a shared office building. Therefore, it is necessary for the organization to consider drafting a physical security policy and related procedures if required. Some organisations include physical security policies within the Information security policy. This is a subjective choice. Depending on the nature and size of the business, this could be achieved. For a larger organization with bigger office space and coverage area, it is recommended to prepare a separate set of physical security documents to include the policies, procedures, and guidelines. The physical security document may contain:
AvISO will be updating and reviewing all the information regularly, so keep us bookmarked and keep checking!
Got a question or need help? Don't hesitate to reach out to our team.