1

Access Control

Students Name

Professors Name

Affiliated Institution

Course

Date
2

Access Control

Access control entails to a specified and selective restricted access to a premises, resource

or asset that has some essence or value to a business, entity or owner. As a physical security

specialist, access control is one step of ensuring that a resource is protected from malicious intent

or damage. There are various ways to which the security of a resource can be compromised.

These threats can either be natural, human intended or a mistake without prior intent. To ensure

the security is uphold one has to take various measures that prioritize and keep the resources safe

from threats and reliable to the organization.

One case of security consideration is an airport. First, looking at the security threats of an

airport. Airport security can be compromised first by terrorist from unknown locations anywhere

in the world, armed robbery, hijackers, cyber attacks, information sabotage and forgery. IOT

today is used in every single business entity either directly or indirectly. With airports depending

largely on communication threats related to IOT pose a major concerns for the organization. One

such threat are the Trojans and viruses. These threats infect a system and affects the functionality

and data in them hence may cause delays and data loss of clients.

The internet of things, (IOT) has been termed as the future of the internet. With more and

more devices requiring connection to the internet for optimal functionality, the security of IOT

devices must be a priority for every organization. One method used in the optimization of

security of security at organization is the use of encryption (Ahmed, et al., 2017). Encryption

entails to changing the day so that anyone unauthorized accessing the information cannot

understand it. This gives the data security Incase of a successful attack( Kohls, K., et al, 2020) .
3

Another approach to safeguarding data in IOT devices is putting the organization network

protection through setting up a firewall when connecting the internal organization network to the

internet. As much as the internet is a useful resource, it comes with very serious threats to a

business. A firewall acts as the first defense to the network and all devices in the network.

Through a firewall, viruses, malwares, malicious programs, websites containing malwares and it

also gives the organization user control over some websites and applications( Wegner, 2017).

One method to ensure security of an enterprise is through the use of and enterprise

security architecture (Arconati, N. 2019) The enterprise security architecture defines and

displays the conceptual design of the network security infrastructure. It also outlines the

procedures needed to be followed to arrive at a secure computer network and finally the design is

based of set international and local policies for ensuring security of a network. The enterprise

security architecture is used in the providing of security for cooperate information. Corporate

information is crucial to day to day decision making and running of an enterprise hence requires

optimal security and high consideration in the architecture.

The domain name address and systems allows users In a network access the internet

easily via a domain address without necessarily trying to use up addressing for every user in the

network. This also allows workers and client end computers share files and folders via the

company domain address. It is critical for businesses to ensure they uphold optimal network

infrastructure to ensure reliability of the network. The security of the domain address is then

critical for all business requirements. One way to ensure success is not to place the domain name

server and address on the same subnet as the router or single choke point.

Another approach I would use as a physical security analyst is to install the DNS server

on different platforms. This will allow the network be network independent and reliable in case
4

of operating systems server crash or attack. The application of DNS server on different servers is

possible through using different types of operating systems and as a platform for hosting the

DNS server. I would also use the split horizon DNS (Chor, L., 2021) Slip horizon DNS allows

for hiding of the DNS server from hackers and people with malicious intentions.

As a physical security analyst, I would also have a look at the Security risks in existing

wireless sensor networks protocols. Ensuring security in wireless sensor networks allows for

ensuring of trust in the network well talking of cooperate information in the internal company

network. According to Tonic, (2017). “a combination of resource restrictions and the physical

exposure of sensor devices inevitably cause such networks to be vulnerable to security threats,

both external and internal” hence it is crucial that one addresses the need for a good security

setup to prevent the success of threats against the network or organization.

One very efficient and reliable software is the victory access control software. This

software stands for vehicular integration of command, control, computers, intelligence,

surveillance and reconnaissance or electronic warfare. Such an application can be very efficient

in determining the security of an organization as it covers almost all aspects of the security.

However, the victory system requires expert understanding of networking, security and computer

systems to have efficient and effective running of the system(Ahmed, et al., 2019). Not everyone

can understand the working of the system making it A bit difficult to conceptualize for person’s

outside the career point. Different components of security can be Compromised as the

organization should not be dependent of external or outsourced security solutions but rather have

it’s own approach.

I would conventionally analyze the physical security not only by looking at the network

and technological components but also the physical aspect. Today technology has made
5

surveillance easy through the use of devices such as cctv systems and a sensors. Through such

systems the network is fast protected from physical attacks or proximity access( Chen, 2019).

Most computer systems can only be hacked if only someone gets access to a network close to or

within the organization through physical protection almost all of the other types of attacks can be

prevented and secured from occurring hence giving chance for a full proof access to the system.

Today cctv surveillance equipment come with international standard protocols that allow for

unhindered access and follow strict security protocols. Hence I would fast ensure the premises is

well equipped with surveillance and security systems to prevent unauthorized access.

Another physical access control mechanism is the establishment of Fences and electric

proofing. Fences take on and restrict the business to one access point. Through containing the

business via one access point also limits the access of people with malicious intentions. At the

one allowed entry and exit point the security protocols can then maximize security by placing

security personnel at the point and using security systems such as biometric screening and access

codes for anyone accessing the ( Salim, M. M., 2020), screenings restrictions also limits and

allows access for employees working in the area. Restricted access then helps the internal

network be safe from attack.

The other concern for any organization is the possibility of social engineering within the

organization. Social engineering refers to potential use of internal personal to influence the

business processes and attack the organization from inside. Such a threat involves one of the

greatest threats to the business and is Extremely difficult to prevent or protect from. One suitable

method as a physical security manager is to educate the personnel on the importance of

refraining from such actions in the best way possible. It such a situation ethics and morals of
6

employees plays an essential role in making sure the business stays secure. However as much as

ethics come in play most people are easily manipulated through money or other valuable items.

The work of a physical security analyst is extremely difficult in an organization without

any consideration for the protocols and procedures necessary for ensuring security of the

business. Most case are usually taken seriously after an even has occurred requiring the need for

a security expert. Most people act only after regret. These situations usually lead to unprepared

expenses and costs leading to insufficient security preparations. The importance of business

operations can not be measured as the business depends on the operations and service rendering

for efficient output.

In the course of making security arrangements, procedures, protocols and setting up

measures to ensure the business is secure. As a physical security analyst, one has to look for

every loophole in the security that may affect business operations. As more technological

advances suffice, there are more approaches to making businesses successful. And as well there

are increased advances in threats possible to happen and Impact to the business. The set up

protocols and measure against security threats can never seem to be sufficient as one needs to

have more and more aspects to be put into consideration( Cynthia, 2019). The task of ensuring

security is always continuous as longs as business services continue being rendered and the

business continues being successful. Business competition usually rises to be the biggest threat to

the business.
7

Reference

Arconati, N. (2019) One Approach to Enterprise Security Architecture. Retrieved from

https://www.semanticscholar.org/paper/One-Approach-to-Enterprise-Security-

Architecture-Arconati/4c9c73a8f84a2d3b398f63ffdc0b9ed5f173dd93

M. M. Ahemd, M. A. Shah and A. Wahid, “IoT security: A layered approach for attacks &

defenses,” 2017 International Conference on Communication Technologies (ComTech),

2017, pp. 104-110, doi: 10.1109/COMTECH.2017.8065757.

Chor, L., (2021)DNS Security Considerations and the Alternatives to BIND. Retrieved from

https://www.sans.org/white-papers/567/

Ahmed, H. I., Nasr, A. A., Abdel-Mageid, S., & Aslan, H. K. (2019). A survey of IoT security

threats and defenses. International Journal of Advanced Computer Research, 9(45), 325-

350.

Chen, H., Pendleton, M., Njilla, L., & Xu, S. (2019). A survey on Ethereum systems security:

Vulnerabilities, attacks and defenses. arXiv preprint arXiv:1908.04507.

Wegner, A., Graham, J., & Ribble, E. (2017). A new approach to cyberphysical security in

industry 4.0. In Cybersecurity for Industry 4.0 (pp. 59-72). Springer, Cham.

Cynthia, J., Sultana, H. P., Saroja, M. N., & Senthil, J. (2019). Security protocols for IoT. In

Ubiquitous computing and computing security of IoT (pp. 1-28). Springer, Cham.

Salim, M. M., Rathore, S., & Park, J. H. (2020). Distributed denial of service attacks and its

defenses in IoT: a survey. The Journal of Supercomputing, 76(7), 5320-5363.

Kohls, K., Rupprecht, D., Holz, T., & Pöpper, C. (2019, May). Lost traffic encryption:

fingerprinting lite/4g traffic on layer two. In Proceedings of the 12th Conference on

Security and Privacy in Wireless and Mobile Networks (pp. 249-260).