Preventive controls

Preventive controls

The SunGrafix, a video game design company requires the appropriate mechanism put in place to ensure that the systems within the company are functioning and they are readily available even with the occurrence of a certain breach. Preventive controls describe the efforts that a company may implement to make sure that the right things happen at the required time and the wrong things does not happen. The efforts and mechanism put in place are cauterized of being preventive controls. The preventive controls are not 100% effectiveness, and it is always appropriate and necessary for the security bodies to have the supplement of the detective controls that will aid in identifying the potential vulnerabilities that may lead to the compromising of the functionality of the system. The company is defined by undertaking application development based on the section of gaming. Therefore, it is appropriate to make sure that proper security mechanism gets established to guarantee the provision of security at all levels.

The current security concern is that the intruders have developed different means of attacking systems and the best preventive controls to grant the SunGrafix, a video game design company is the defense in depth. The technique is currently being adopted by the fact that it gives the required protection distributive such that it applies the multiple layers of controls to make sure that no single level of the system fails to perform its functions. The company systems are connected to global the network, and even they work within the company network. The network is posed with many security concerns and the use of the defense in depth technique will mean the combination of different security measures of suing firewalls, passwords, and the adoption of preventive procedures in restricting the access (The Institute of Internal Auditors (IIA), 2009).

The focus takes on the provision of the preventive controls that can be applied to the defense in depth technique of protecting the SunGrafix, a video game design company system. Also, there will be other general physical security related preventive controls and any other appropriate measures that will give a description of the measures of preventing the systems to ensure availability, confidentiality, and integrity to their respective functions. The authentication control is an appropriate preventive measure that will ensure that the company security personnel easily identify the persons or the devices that are accessing the company systems or that is intending to use the systems. The practice will provide the restrictions such that only legitimate allowed persons and registered and configured devices can make the access to the system. In the case, the use of passwords, signatures can be the appropriate mechanism as the authentication controls. The authentication control is supplemented with the authorization controls which grant the power of restricting the access to the system by the unauthorized users. The controls ensure that the legitimate and privileged users have the right of accessing the system and if not authorized one gets blocked. The technique gets implemented with the access control matrix and the compatibility tests and the best ways of getting the controls into action (Taylor, 2014).

Security is an essential aspect that does define the development of the business. The protection is given to the SunGrafix; a video game design company system will mean a lot on the delivery of the defined services and products. Ideally, training is a prominent preventive control that will ensure that the entire fraternity of the SunGrafix, a video game design company have the knowledge and are well equipped in protecting the systems. Training is necessary to have conducted to all employees to have the understanding of the benefits that the security measures offers to the company. The process will ensure that the employees work in the safe mode of protecting the computing practices and getting them safe at the working place.

There is the physical access control which is the primary measure that makes sure that the entry within the premises of the SunGrafix, a video game design company is under proper management. The practices will provide the protection at the entry points of the building hosting the company systems, the access to the computer equipment rooms and the general access to the company devices such as the laptops, phones, the PDAs and others (SSI Staff, 2015). The task that should be implemented includes the provision of surveillance cameras that will easily provide the easy monitoring of the person's movement within the company. In the protection against the other physical destructions, the company should think of installing the fire and water detectors as well as the waterproofs materials as a way of preventing rampant destructions. There should be an investment in the innovation of moving towards the interoperable platforms that work on the open standards. The other essential physical security control mechanism is the establishment of the new credentials form factors as the use of signatures, door detector locks. The security personnel should define more efficient and convenient way of opening the door and gates such as the Bluetooth Smart short range connectivity technology. The advances in managing the identities will be essentials in ensuring that the users of the systems are monitored and tracked of their activities within the company. The use of biometrics will ensure the changing of the security barriers to the guardrail as biometric authentication is reliable and effective (Gray, Perkins & Dolph, n.d).

The technology has improved with the introduction of the VPN techniques that allow the employee to work from anywhere. It means that the staff will have to access the system from the remote. Therefore, also remote access controls are essential. It should be noted that the SunGrafix, a video game design company is depending on the defense in depth technique in enhancing security measures within the company. Firewalls should get installed and configured as required alongside the intrusion prevention systems to ensure that there are the control and prevention of the unauthorized access to the system from the remote locations. The firewalls will ensure that the packets get filtered before being transmitted from the host to the receiver. Host and application hardening is another measure that will involve the practices of the supplemental preventive controls to the servers, printers, and available devices by configuring well the systems, controlling the user accounts.

Encryption is another control prevention measure that ensures that every information within the SunGrafix, a video game design company is protection against being compromised in respect of maintaining the company integrity. The measures of encryption that can get applied include the usage of strong ascription algorithms that cannot be easily reverse engineered to capture the content encrypted. Hashing is an appropriate technique that works by transforming the plaintext into the short code called hash that cannot be reversed unless the person ahs the knowledge of the algorithm applied. There is the use of the digital signature which is defined by hashing documents by the encryption algorithm that rely on the sender’s private key. In supplement to that encryption also involves the use of digital certificates which ensures the certification of the owner of the respective public key to decrypt the document content (Obaidat & Boudriga, 2007).

Data is an essential asset to the SunGrafix, a video game design company and it requires a good investment in the protection of data systems that will ensure that the data is readily available, confidential and the means is retained at all times. It is important to have the control of ensuring that the backup system of the company is automated such that it can work offline even without the connection to the global network. The database management systems such as the Hadoop or SQL must get adopted to facilitate the objective.

Intruders may take the trick of getting the power off to have the entry into the system or the premises. As a prevention measure, the SunGrafix, a video game design company should make sure to have the use of uninterrupted power systems that will store power as the system is rectified in there is an experience of a blackout. In supplement to that automatic generators should get installed to supplement the normal electricity power supply (Swanson, 2010). Therefore, it is appropriate for the company to put in place preventive controls of the defense in depth technique which is the current potential method of delivering security within organizations and business. The preventive controls must then get supplemented with the detective controls that will provide the way of defining the new preventive controls for the SunGrafix, a video game design company.

 

References

Gray, R. H., Perkins, W. & Dolph, R. (n.d). Access Control: Your Physical Access Control Cheat Sheet

Obaidat, M. S., & Boudriga, N. A. (2007). Security of e-systems and computer networks. Cambridge [u.a.: Cambridge Univ. Press. pp 14.

SSI Staff, (2015). 5 Physical Access Control Systems Trends to Watch. physical_access_control_systems_trends_to_watch

Swanson, M. (2010).Contingency Planning Guide for Federal Information Systems. 

Taylor, p. (2014). Preventive and detective controls. 

The Institute of Internal Auditors (IIA), (2009). The Basics of Internal Controls. 

Sherry Roberts is the author of this paper. A senior editor at Melda Research in best nursing writing services if you need a similar paper you can place your order for custom nursing papers.