Technical Control's

Computer Security Program Manager (CSPM) perspective.

Technical Controls

Practices for Administration of Physical and Operations Security

How could Administrative, Technical, and Physical Controls introduce a false sense of security?

Since, there are several policies in place that enforce security awareness and accountability via administrative, technical, and physical controls that are driven by business objectives rather than ones gut feelings, it could lead to having policies that are too strict that will be overlooked by personnel which will be creating a false sense of security and possibly create new attack vectors. Also, within layer two of the OSI levels pertaining to wireless media it may allow one to connect freely to a given network without having the necessary authorization to authenticate on the network due to the network weak authentication software and encryption mechanisms that provide the false sense of security as well.

The use of passwords that are used to protect data files and user account profiles at times deal with problems of authorization and authentication due to the quality of the password software mechanism and the way in which the password was administered are critical that could lead to comprise. Also consumers that operate home PCs are under the false sense of security when thinking their wireless home network(s) that are provided via their local telephone and cable services are secured by only using the password passkey and antivirus software can easily be overtaken if there are not other security levels installed on the network.

I would have to agree with most scholars that in the terms of information security as it evolves especially now that many are utilizing the cloud infrastructure nothing is or will be totally secured, because within the cloud technology you have to know your perimeters and what you will be actually trying to protect in order to ensure you have the right protocols in...