Fri Apr 8 06:51:40 PDT 2016
Technology: Physical/Logical Nexus: How do physical and logical controls interact and integrate?
Options:
Option 1: No interaction between physical and logical controls exist.
Option 2: Physical controls feed into logical controls.
Option 3: Logical controls feed into physical controls.
Option 4: Logical and physical controls are bidirectionally integrated.
Decision:
IF risk aggregation is too high or maturity is less than Managed, THEN No interaction between physical and logical controls exist.
OTHERWISE IF logical controls can use physical controls readily but physical controls cannot integrate logical controls readily, THEN Physical controls feed into logical controls.
OTHERWISE IF physical controls can use logical controls readily but logical controls cannot integrate physical controls readily, THEN Logical controls feed into physical controls.
OTHERWISE Logical and physical controls are bidirectionally integrated.
Basis:
No interaction between physical and logical controls exist.
Integration of physical and logical controls eliminates the
separation of duties between these otherwise independent systems thus
causing risk aggregation and the potential for common mode failure as
well as individual attacks bypassing both sets of controls. Operating
these controls jointly also requires sophisticated management
infrastructure and supporting customization and integration efforts.
Physical controls feed into logical controls.
Many physical control systems provide feeds that can be used for
logical controls if the enterprise4 wishes to integrate those controls.
To the extent that this is directly available, it is quite helpful to,
for example, prevent logical access to high consequence systems when
physical presence is required and not determined by the physical
system to be the case. If a user is physically badged into a facility
in another city, it is not reasonable to allow them console access at
a different location in most cases.
Logical controls feed into physical controls.
In some cases, logical controls are made available to physical
security operations so that physical responses are available in case
of a detection or other related issue. In these cases, the logical
alerts typically trigger physical alerts that associate locations with
access and allow physical teams to identify the individual, gather
surveillance and other evidence, and constrain the individual.
Logical and physical controls are bidirectionally integrated.
In many cases, some amount of information passes in both
directions between the physical and logical systems, allowing more
integrated and faster incident detection, and response. As long as
this integration is carefully done it can be highly effective,
however; it takes considerable expertise and internal resources today
because integration is still in early adoption.
Copyright(c) Fred Cohen, 1988-2015 - All Rights Reserved
|