3.4 Apply appropriate security controls to file and print resources.The idea behind this section is to make note of the appropriate security controls that are necessary to control what type of information is filed and printed on a computer system as well on a network. It’s vital that these controls are implemented and maintained as required. A flaw or lack of these security controls can lead to a high security risk.
When it comes to applying the appropriate security controls to file and print resources, the controls that are put in place are extremely dependent upon the goal and mission of the organization or company. Before any type of security controls can be put in place, the company must have a clear goal as well as an understanding of the type of information they will be working with. For example, a company that is working with private and classified information will need much higher security controls than an organization that has a project that is only public information with no sort of important classification. When it comes to security controls to file and print, many times separation of duties and least privilege are implemented.
Imagine if a U.S. Agency had no security controls for the documents that were filed and printed within its resources. Think about the highly classified information that could be leaked to the media and public eyes that should not see it. Wikileaks is an obvious example of a lack of property security controls. There wasn’t enough control put on documents that allowed them to somehow become leaked, despite their security classification.
GetCertify4Less and GetCertified4Less
No comments:
Post a Comment