A preventive control is designed to stop security breaches before they happen. In data center security, preventing unauthorized physical access is crucial.
Prevents Unauthorized Entry – Restricts access only to authorized personnel.
Tracks and Logs Access – Records who enters and exits the data center, enhancing security monitoring.
Enhances Security Layers – Often combined with biometric authentication or PINs for stronger access control.
Meets IT Security Standards – Aligns with ISO 27001, NIST, and IIA’s GTAG recommendations on physical security.
A. Motion detectors – These are detective controls, identifying movement but not preventing unauthorized access.
C. Security cameras – Also detective, as they record events but do not prevent physical breaches.
D. Monitoring access to data center workstations – This ensures data integrity but does not prevent physical access.
IIA’s GTAG (Global Technology Audit Guide) on Information Security – Recommends strong physical access controls like key cards.
NIST SP 800-53 (Security and Privacy Controls for Federal Information Systems) – Emphasizes access control as a preventive security measure.
ISO 27001 Annex A.11 (Physical and Environmental Security) – Requires access control for secure areas, including data centers.
Why Key Card Access is the Best Preventive Control?Why Not the Other Options?IIA References:
