info response

Discussion 1: Physical security is critical, but it is normally ignored by most companies. It is important if you do not need anyone to snatch away your data or destroy it, in case of natural disaster. The reason could be anything, the intruder doing it for private gain, monetary gain, for seeking vengeance or you were the vulnerable target free. If this contract is not managed properly, all the safety rules will be broken once the enemy gets through by gaining physical path. Though physical defense is proving to be challenging than earlier decades as there are extra sensitive devices accessible (like USB drives, laptops, smartphones, tablets, etc.) that enables the theft of data easy also smooth (Markham, 2012). Even before you lock down those servers, in fact, ere you even turn them on for the first time, you should guarantee that there are big locks on the server room door. Of course, the biggest lock in the world does no good if it isn't used, so you likewise need policies demanding that those doors be locked any time the room is empty, and the policies should set out who has specific key or keycode to take in. Locking the door to the server room remains a good first step, but someone could break in, or someone who has allowed access could misuse that power. You want a way to know who goes in and out and when. A log book for engaging in and out is the various elemental way to accomplish this, but it has a lot of disadvantages. A person with malicious intent is likely just to avoid it (Fennelly, 2016). References: Fennelly, L. J. (Ed.). (2016). Effective physical security. Butterworth-Heinemann. Markham, T. R., & Heimerdinger, W. (2012). U.S. Patent No. 8,272,053. Washington, DC: U.S. Patent and Trademark Office. Discussion 2: Physical security in an organization generally refers to protection of all company's assets which includes people and items. Also, this term is extended to refer to protection of hardware and software systems that guards the company’s data against unwanted access. Every company needs to adapt security measures to control access to the protected amenities. Among the most viable strategic solutions is invest establish a set if security protocols that are grounded solidly in both technological advancement and utilization of specialized software to keep the system safe from cyber-attacks, internal threats and any unauthorized attempts, and also specialized hardware to keep the system safe from natural disasters, intruders and the unprecedented future (DiMase et al, 2015). This means that for a desired level of safety to be achieved, a company must invest in a balanced combination technological advanced measures and in-person monitoring such as guards. According to scholars Zhang et al (2017). attaining a standard physical security demands three pillars namely access control, surveillance which is used to monitor the environment and keep record of what is happening, and lastly, security testing which covers manual, application, network and penetration testing. Security Testing is among newer approaches, but have proven very instrumental. This is because, even with a strong security team and excellent software security measure, other intangibles such as response to a security situation can hardly be achieved without security testing (Zhang et al, 2017). Security is an important an investment since it takes care of the assets, ensures safety of employees, caters for security of the company’s applications and data centers among other essentials. But the question of how much safety is really safe will forever remain relative and subjective due to heavy reliance on size and nature of a company. References DiMase, D., Collier, Z. A., Heffner, K., & Linkov, I. (2015). Systems engineering framework for cyber physical security and resilience. Environment Systems and Decisions, 35(2), 291-300. Zhang, Y., Yau, D., Zonouz, S., Jin, D., Qiu, M., & Erol-Kantarci, M. (2017). Guest editorial smart grid cyber-physical security. IEEE Transactions on Smart Grid, 8(5), 2409-2410.