Introduction to Security Controls

00:00

Hey, everyone, welcome back to the course. So in this video, we're to talk about some basic security control, so we'll talk about physical as well as logical controls.

00:10

So what are some physical controls we could do to help protect our organizations a little bit better?

00:15

So when we talk about physical controls, we're really talking about the physical things right? The premises around the building, our surroundings, things like the reception area servers, workstations.

00:26

Um, and so when we talk about how do we actually secure those things a little better? We can use things like biometrics, right? Have people scan in or have multi factor authentication set up where they have to scan their thumb, for example, or scan the retina and make sure it's actually them. Having simple door locks, window locks,

00:44

locking doors inside the building, right, making sure that certain areas air access restricted

00:50

two individuals that don't have a legitimate need to be in those areas

00:54

around the building, putting things like fences, putting security cameras or C c. T t CCTV cameras again going back to a previous example in earlier video. The course just really thinking to ourselves. Okay, if we have a house

01:08

and we need to protect that house from a burglar stealing our big screen TV. What should we do? Well, we'll put a fence. We might put cameras and might have dogs. We might have a security alarm system. We may. We might even have, like, firearms or some other kind of weapon, right? All things to discourage someone from actually breaking in our place and have them go to the neighbors.

01:30

And when we talk about company things, we could have things like man traps where only one person at a time

01:34

could actually come in. And they have to wait in a specific area so we can make sure it's actually a legitimate employees. So people can't do things like piggybacking or tailgating with the man traps. Or at least they shouldn't be able to having security guards, right? Physical people out there saying, Hey, what are you doing?

01:51

So when we talk about logical controls we're talking about, what can we actually do on the systems? Right. So we could put things like firewalls in place I D. S I. P s systems or intrusion detection intrusion prevention systems. We can do things like identity and access management. Right? So user permissions, making sure that again the right people have access to the right data at the right time

02:10

and that the wrong people don't have any access to it

02:15

and segmentation, right? So we can segment our network segment sensitive data away from where everyone else can access. Also, things like multi factor authentication as well.

02:24

So just a quick, quick question here to protect the data center that you're working in. What should you include as part of your security architectures? Is it gonna be two factor authentication

02:32

security cameras or the CCTV cameras or role based access control?

02:38

What kind of a trick question here? The answer is actually all of them right. All of these air, good things to put in place to help protect our organization a little bit better.