Essay Physical and logical security

ESSAY
Physical and logical security

Recent years we can see a strong entry of IT technologies in all aspects of everydays life. Computers, information systems, electronic mail, web, etc. Without all of these concepts it is almost impossible to imagine modern business or any another aspect of modern life. Information technology is also strongly included in some segments of the company and modern work in which until recently, were inconceivable, such as technical protection. Digital IP cameras, intelligent software systems for the analysis of complex events are our reality and more of them one can not ignore. This raises the question whether the modern world can be separately managed logical and physical security? Logical security (or IT security) is primarily engaged in the protection of information resources (computers, databases, etc). Logical security includes flow control information from the outside of world into the enterprise, from business to the outside world as well as data throughout the enterprise. Logical security use certain technologies to allow certain person to access to information and systems they need whether it be for personal use or for their job. Access to information technology that we use and we need to protect with this form of security should be limited to only those individuals who need to access the information that we are protecting. In modern computer world we usually do that in several ways. In modern companies of 21st century operators use proces of authentication. Authentication is a process that uses a computer program, computer or network to confirm the identity of the user. It is implemented using the code and authentication information from the user. The process of authentication and verification of user identity is an extremely important element of information security. Since the authentication is the first step to a user to logs into the system, the safety requirements is pretty high. Also, besides the high level of security that would be useful in practice, the authentication process must satisfy numerous other requirements (convenience, cost-effectiveness, ease of maintenance and management, etc.). In everyday business there is a need for more frequent reporting on the system, they put different usernames and authentication information. In this area it helps the introduction of the protocol "user authentication and authorization in one place" or "single authentication". This protocol reduces human error, because it takes much less to remember passwords and also saves time. We can also mention todays popular user names or IDs, that use words and numbers with code to accesses informations or popular public worlds networks.

1|Page

Essay Physical and logical security

Biometrics is also popular way of logical security. That is a technique for authentication that uses the unique physiological characteristics of each person in order to authenticate our IT systems. That means that for authentication or login to computer instead of entering their username and password identify something else that is unique to that person and what makes it unique and different from other users. Today the most commonly used features are fingerprints, hand geometry and facial appearance and retina of the eye. All these features are unique to each person. Biometrics is widely used in IT security and IT in general. Physical security is focused on the protection of physical assets, people, buildings, facilities. This aspect of security involves managing people and assets throughout the enterprise, from the enterprise and in the enterprise. From this we conclude that the logical security includes protection of information resources, while physical security includes protection of all the other resource companies. Physical security encompasses not only the area containing system hardware, but also the locations of wiring used to connect the other part of the systems. We also use and manage with all of these insurances (or securitys) in our personal life. The first "layer" of security we need as a personal user is the physical security of our computer system. There, we can ask many of questions. Who has direct physical access to our computer? Can we protect our machine from their tampering? If we are a home user, we probably do not need much protection (although we might want to protect our computer by children or annoying relatives). Physical security is as well an essential part of IT security. If we are in the lab, we need considerably more protection, however, users on computers still have to be able to work, but these security must be present. Systems for managing physical security are used to control access to resources and systems, and determine who has access, when and under what conditions. Typical infrastructure of such a system consists of: physical access control - card readers or biometric devices (fingerprint reader palm/ fingerprint, face recognition, etc.); Uninterrupted Power Supplies (generators, backup batteries, systems for distributing electricity, system for the physical blocking and locking mechanism, such as electromagnetic devices; Closed-Circuit Television systems; and Asynchronous Transfer Mode. The aforementioned systems communicate using infrastructure services as provided in the IT sector. For example, a card reader at the entrance may be connected to the control system, which is associated with the CCTV system, which monitors a system for managing physical security. Physical security is focused on the protection of property, people and structures. Furthermore, dealing with the monitoring and control over people and property in space. It is for this reason, methods of access control, intrusion detection, etc., must be carried out daily in order to provide better physical protection. With the development of business, data centers and centers for the provision of web services must to provide physical and logical security. Intruders who forge

2|Page

Essay Physical and logical security

their identity or intentions, can cause catastrophic damage - from the physical incapacitation of critical equipment to perform the attack on program support, or another logical security problem. Even well-intentioned staff everyday errors can significantly affect the business. All the above problems can be solved by reducing and controlling access to critical areas and equipment. Develop a number of technologies that are increasingly and ever-decreasing price of implementing a wide range of solutions based on three basic principles of identification - What do you have? What do you know? and Who are you? By combining risk assessment with an analysis of the needs of access and available technologies, can be build an effective security system that balances cost with the level of protection achieved.

References

1.

Mehdizadeh Y. (2004), Convergence of Logical and Physical Security, Sans Institute

http://www.sans.org/reading_room/whitepapers/authentication/convergencelogical-physical-security_1308

2. Network Insider (August 2006), The Convergence of Logical and Physical Security Solutions
http://www.arcsight.com/articles/ArcSight_Network_Insider_Physical_Logical_S ecurity.pdf

3. Physical and Logical Security Standard Guidelines (2008), Office of Information Technology, Arkansas
http://www.dis.arkansas.gov/policiesstandards/documents/phylogguidelines.p df

4. Gergi R. (2010), Logical and Physical Security - What the Major Differences Are
http://ezinearticles.com/?Logical-and-Physical-Security---What-the-MajorDifferences-Are&id=3541842

3|Page