Address Personnel Safety and Security Concerns

And finally we have reached the last part of this domain. In this section of this tutorial, we’ll take a look personnel safety and security concerns to help you understand the different aspects of personnel safety. We discuss in this section that how to make sure that employees can safely work and travel. We have already discussed in other sections of this course how security professionals can help the organization achieve this goal. Examples include:

  • Security policies (Security and Risk Management)
  • Physical security measures (preceding section, Also Security Architecture and Engineering domain, and Identity and Access Management domain)

Travel

The first principle: Different countries have different laws and policies; employees must be familiar with the differences before traveling.

During travel, encryption should be used for both data in transit and data at rest and should also limit internet connectivity through wireless networks while traveling.

In some organizations, employees are given a special travel laptop that has been scrubbed of sensitive data to use during a trip; the laptop is re-imaged upon return home.

Emergency Management

A common tool for ensuring the safety of personnel during emergencies is the Occupant Emergency Plan (OEP). The OEP describes the actions that facility occupants should take in order to ensure their safety during an emergency situation. This plan should be integrated into the security operations of the organization.

Duress

Duress refers forcing somebody to perform an act that they normally wouldn’t, due to a threat of harm, such as a bank teller giving money to a bank robber brandishing a weapon. In many cases, it is a good practice to have personnel fully comply with all reasonable demands, especially in situations where the loss is the organization’s asset.

ITperfection-Server room-Computer Networking Computer Networking ITperfection-Data-Secuirty-Network-Security-Cyber Computer Networking Cyber Security Support Hack-Network Security-HIPPA, CISSP- IT security-Data security-IT service provider- Networking- CISSP-CEH