Types of security controls: comprehensive guide and classifications

Security controls play an important role in defining the actions that cybersecurity professionals take to protect a company. There are three main types of IT security controls: physical, technical and administrative.

The main purpose of a security control can be preventive, detective or corrective. Other literature and approaches also consider controls that act as deterrent and compensatory. In addition, controls are used to protect people, as is the case with training or social engineering awareness policies.

Lack of security controls puts the confidentiality, integrity, and availability of information at risk. These risks also extend to the security of people and assets within an organization.

The image below shows the basic security controls, grouped by type and by purpose.

Figure: Different Types of Security Controls

Physical Controls:

  • Preventive:
    • Fences
    • Gates
    • Locks
  • Detective:
    • CCTV
    • Surveillance Cameras
  • Corrective:
    • Repair physical damage
    • Re-issue access cards

Technical Controls:

Administrative Controls:

 

 
