Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

Access control is the KEY to security management of any office or premises. So, what are the procedures to be in place for Access control?

user-image
Question added by Md Fazlur Rahman , Procurement Specialist , Engineering and Planning Consultants Ltd
Date Posted: 2017/01/27
Virgilio Paralisan
by Virgilio Paralisan , Workshop Facilitator/Consultant , The Workshops

Access control is NOT the ONLY KEY to security management of any office or premises.

 

You have to see security management as a holistic, multi-dimensional, and multi-layer responsibility.

 

It is wholistic because security management must be part of an overall strategy of the organization especially if security includes the security of customer information. There should be a policy defining how security is implemented and a post-security breach is going to be handled.

 

As part of my responsibility, I have a critical part of determining policy for security management and how to handle people who breach security. Security responsibility starts when Recruitment enters the name of an applicant interviewee's name on the appointment list. I assess threats at the point of entry during application for employment. There were instances that security breach was committed by people who encode data on Access Key Cards. IT personnel had free access to Operations which led to the theft of RAM chips from PCs in Operations Shop Floor. It happened because IT applicants were not vetted simply because they were endorsements from key people.

 

Multi-dimensional because it covers physical infrastructure, IT infrastructure, personnel vetting, document-information protection, and key personnel protection. If your network cabling is not designed with security factored in, you will have someone plugging in a tablet from a hallway UTP port without the "hacker" needing an access key card. Security should already be factored in during the design of a facility.

 

It is multi-layer because different levels in the organizational structure require different security requirements and respond to different protection needs.

 

I suggest learning about data security first which covers the different aspect of protecting data and IT infrastructure. You can visit this website

 

https://www.pcicomplianceguide.org/

 

After you have conducted your internal security audit, you can start reading up on ISO Security Standards:

 

http://www.iso27001security.com/

 

I used to comply with the Payment Card Industry - Data Security Standard (PCI-DSS) and at the same time responsible for the security of personnel on site and Executive Protection. You also need to consider business continuity in the event of a security breach.

Omar Saad Ibrahem Alhamadani
by Omar Saad Ibrahem Alhamadani , Snr. HR & Finance Officer , Sarri Zawetta Company

Thanks

I think they are:

  • Fingerprint machine.
  • Attendance sheet.
  • D.camera, which record 24\\7.

Muhammad Arif
by Muhammad Arif , Professional Engineer , QD SBG

I am agreed with Virgilio Paralisan coments. Access automation systems is advance technology for authorize and unauthorize person security permission. Any reputed organization company safe his property and persone protection. 

Subhash Jayanti
by Subhash Jayanti , IT Security Consultant , UnitedHealth Group

Proper documented Access Control Policy

Procedures to facilitate implementation of those policies

Managing Information Security Accounts

Employing automated mechanisms to support the management of security accounts

Bhupendra Medhekar
by Bhupendra Medhekar , Project Co-ordinator , Rasilant Technologies Pvt. Ltd.

I agree...............................................

Ganapathy Sivalingadurai Pauldurai
by Ganapathy Sivalingadurai Pauldurai , Technical Consultant , Wipro Limited

Access Control is the key to security management.

Access control needs to be achieved for

Physical and logical in any organisation to avoid Loss/Threat.

For better access control, every organisation shall have the Risk assessment in place and update the same in every year / frequently based on the business nature and demand. Based on the risk assessment and vulnerability assessment organisations should take the mitigation and countermeasures in place with standard operating procedures for both Physical and logical ACS.

This should include the priority for the business interests.

Organisations shall decide what are the possible and affordable solutions can be used to mitigate the physical and logical threats to the premise. 

Mohammed Khamis Alhajj Abdullah
by Mohammed Khamis Alhajj Abdullah , IT Manager , Matrix for Computer Sciences

Create account in system for example ZKTeco and get access card to this user account , and also premission of level account - user,manager,admin

Hemant Chalke
by Hemant Chalke , Director – FM & Security , Al Anadee Contracting Company

Visitor Control

Material Control

Vehicle Control

Visual Surveillance

if you need more info, kindly pm me

Manasa Kaslekar
by Manasa Kaslekar , Senior Talent Acquisition Specialist , Smyth and Bradshaw

I too agree with Mr.Virgilio Paralisan views

Mahmoud Zaher Tarakji
by Mahmoud Zaher Tarakji , مدير , أوال جاليري

...................I agree with all ...................

Manzoor Alam
by Manzoor Alam , Director , 7th Sky Travel & Tourism Services (Pvt.) Limited

I will got the answer given by the Mr. Virgilio, who has explained well and covered many areas.

More Questions Like This