Physical perspective:
Physical access control is a term used to describe a method, or the systems and procedures, of limiting physical access to a place or to particular sections inside a building.
It guarantees that particular physical places can only be entered by authorised persons with permission. Examples of physical access control include standard door locks and keys. Electronic access cards or badges can be used to restrict access to secure places, and only those with the proper key can enter a closed room.
A reader typically scans or swipes these cards to provide access. Facial recognition software, retinal scanners, and fingerprint scanners ensure that only people with approved biometric information can enter specified spaces.
At entry points, human guards can be placed to confirm identities and make sure that only people with permission are allowed entry.
Logical perspective:
Data and computer systems are protected from access via logical access control. By using authentication and permission, procedures, it makes sure that only authorised users can access specific data or systems.
Examples are Logical access control which requires users to enter a valid username and password in order to obtain access is the most used type.
Another example of requiring two or more verification elements is multi-factor authentication 2FA and MFA, which entails using a password and a one-time code that is sent to the user’s mobile device or a secured email.
Administrative perspective:
Administrative controls are practices, policies, and procedures created to oversee an organization’s general security architecture. These controls guarantee that logical and physical controls are applied correctly.
Examples include Access control methods that should be established and managed within an organisation according to formalised rules and guidelines that are outlined in security policies.
Employee education about security policies, possible risks, and best practices for preserving security is provided through training and awareness programmes.
To guarantee that only people with permission can access critical locations and data, access permissions are routinely audited and reviewed. Policies known as incident response protocols outline how to handle security lapses and malfunctions in access control.
These procedures include containment, investigation, mitigating measures, and separation of duties. Assuring that no one person has complete control over a crucial procedure, this practice involves dividing up duties among several employees in order to lower the possibility of fraud or error.
Summary:
Logical access control is concerned with securing access to computer systems and data (passwords and encryption), whereas physical access control deals with protecting physical locations and assets (locks, access cards, biometrics).
Administrative control is the process of controlling and supervising the application of security measures via guidelines and protocols (such as access reviews, training courses, and security rules).
To safeguard an organization’s assets from potential threats and unauthorised access, these controls combine to build a complete access control policy.
Internet Source:
Access Control (Physical and Logical) – CyberHoot
What’s the Difference Between Logical Access Control and Physical (identiv.com)
Cyber Essentials: Access Control & Administrative Privilege (itgovernance.co.uk)
Leave a Reply