The accountability portion of security control refers to holding system users responsible for their actions by constantly monitoring all activities within the system. Consistently logging and auditing activities are ways that we monitor the system to ensure proper tracking of computer misuse. For example, as part of the auditing process, the following activities should be […]
Now we’ll cover some of the administrative aspects of Operations Control. Separation of Duties is a preventative measure that prevents one person from performing a full function from beginning to an end. This policy reduces the possibility of any one person committing an act against policy unless there is collusion amongst two or more people. […]
Before we can fully understand operations security, let’s define what we mean by “operations.” Operations refer to the continual, day-to-day usage and maintenance of the system. Operations Security covers all the measures necessary to keep the entire system— including the network, computer system(s), and applications—running in a secure and protected manner. Operations Security includes the […]
