Cyber Security Administrative Controls

Margorie Gomoran

Aug 5, 2024, 12:51:12 AM
to thebwealthcenka
While administrative controls may rely on technology or physical controls for enforcement, the term is generally used for policies and procedures rather than the tools used to enforce them. For example, a BYOD policy is an administrative control, even though the security checkpoints, scanners, or wireless signal blocking tools used to enforce the policy would be physical controls.

In the last post, three control types were covered that encompassed all the implementation areas for cybersecurity defenses. While these three categories do cover all security products, they do not properly express the goals of these security controls. Below you will find a list of the most common goals of the previously outlined controls.


These goals are used in conjunction with the controls. For example, a firewall would primarily be a technical control with preventative goals. Note that many solutions will not fit into a single control and goal category. This firewall example may also be an administrative control if the policies surrounding its implementation are considered.


Solutions or policies with the goal of detecting incidents after they have occurred. This goal is usually achieved primarily via technical or physical controls. Many products achieve both detective and preventative goals simultaneously in order to reduce the amount of security products required within an organization.


Whenever an incident causes impact, corrective controls will intervene in order to remediate the issue. One of the most vital administrative corrective controls is a proper Incident Response Plan, outlined later in this post.


Controls that are implemented solely as a substitute for a more effective method. A commonly used example would be a new employee that is not registered with the existing badge reader system. A compensating control would be to escort the associate until a proper solution is achieved.


We will use the expanded definitions and goals provided in this post to cover these final two control types and give specific examples regarding their implementation and importance. For more details on current security standards, be sure to check out the NIST documentation on security controls: -53


Security controls exist to reduce or mitigate the risk to those assets. They include any type of policy, procedure, technique, method, solution, plan, action, or device designed to help accomplish that goal. Recognizable examples include firewalls, surveillance systems, and antivirus software.


Once an organization defines control objectives, it can assess the risk to individual assets and then choose the most appropriate security controls to put in place. One of the easiest and most straightforward models for classifying controls is by type: physical, technical, or administrative, and by function: preventative, detective, and corrective.


Technical controls (also known as logical controls) include hardware or software mechanisms used to protect assets. Some common examples are authentication solutions, firewalls, antivirus software, intrusion detection systems (IDSs), intrusion protection systems (IPSs), constrained interfaces, as well as access control lists (ACLs) and encryption measures.


Administrative controls refer to policies, procedures, or guidelines that define personnel or business practices in accordance with the organization's security goals. These can apply to employee hiring and termination, equipment and Internet usage, physical access to facilities, separation of duties, data classification, and auditing. Security awareness training for employees also falls under the umbrella of administrative controls.


Corrective controls include any measures taken to repair damage or restore resources and capabilities to their prior state following an unauthorized or unwanted activity. Examples of technical corrective controls include patching a system, quarantining a virus, terminating a process, or rebooting a system. Putting an incident response plan into action is an example of an administrative corrective control.


Security professionals reduce risk to an organization's assets by applying a variety of security controls. Controls classified by function include preventative (designed to stop unwanted or unauthorized activity from occurring), detective (designed to detect unwanted or unauthorized activity in progress or after the fact), and corrective (designed to repair damage or restore resources to their prior state following unwanted activity). Control functions go hand-in-hand with three security control types: administrative, technical, and physical.


One of three security control types (administrative, technical, physical), technical controls include hardware or software mechanisms used to protect assets. Some common examples are authentication solutions, firewalls, antivirus software, intrusion detection systems (IDSs), intrusion protection systems (IPSs), constrained interfaces, as well as access control lists (ACLs) and encryption measures. See also Administrative control and Technical control.


One of three security control types (administrative, technical, physical), administrative controls refer to policies, procedures, or guidelines that define personnel or business practices in accordance with the organization's security goals. These can apply to employee hiring and termination, equipment and Internet usage, physical access to facilities, separation of duties, data classification, and auditing. Security awareness training for employees also falls under the umbrella of administrative controls. See also Technical control and Physical control.


One of three security control functions (preventative, detective, corrective), a preventative control is any security measure designed to stop unwanted or unauthorized activity from occurring. Examples include physical controls such as fences, locks, and alarm systems; technical controls such as anti-virus software, firewalls, and intrusion prevention systems (IPSs); and administrative controls like separation of duties, data classification, auditing. See also Detective control and Corrective control.


One of three security control functions (preventative, detective, corrective), a corrective control is any measure taken to repair damage or restore resources and capabilities to their prior state following an unauthorized or unwanted activity. Examples of technical corrective controls include patching a system, quarantining a virus, terminating a process, or rebooting a system. Putting an incident response plan into action is an example of an administrative corrective control. See also Preventative control and Detective control.


Network security is the practice of protecting your network from unauthorized access, misuse, or damage. It involves both technical and administrative controls that can help you prevent, detect, and respond to cyberattacks. In this article, we will discuss some of the key technical and administrative controls that you can implement to secure your network.


Technical controls are the hardware and software tools that you can use to enforce your network security policies. They include firewalls, antivirus, encryption, authentication, and monitoring systems. Firewalls are devices or programs that filter the traffic between your network and the internet, allowing or blocking certain packets based on predefined rules. Antivirus software scans your files and devices for malware and removes or quarantines them. Encryption is the process of transforming data into a secret code that only authorized parties can decipher. Authentication is the verification of the identity and credentials of users or devices that access your network. Monitoring systems are tools that collect and analyze data about your network activity, performance, and security events.


Administrative controls are the policies and procedures that you can use to govern your network security. They include user education, access control, backup and recovery, incident response, and auditing. User education is the process of training and informing your network users about the best practices and guidelines for network security. Access control is the restriction of the access rights and privileges of users or devices to the network resources that they need. Backup and recovery is the preparation and execution of plans to restore your network data and functionality in case of a disaster or a breach. Incident response is the process of identifying, containing, analyzing, and resolving network security incidents. Auditing is the evaluation and verification of your network security controls and compliance with the relevant standards and regulations.


Using both technical and administrative controls can help you secure your network in several ways. First, they can reduce the risk of cyberattacks by creating multiple layers of defense and deterrence. Second, they can improve the performance and efficiency of your network by preventing or minimizing disruptions and errors. Third, they can enhance the trust and reputation of your network by demonstrating your commitment and capability to protect your data and assets. Fourth, they can help you comply with the legal and ethical obligations and expectations of your network stakeholders.


Implementing and maintaining both technical and administrative controls can also pose some challenges for your network security. First, they can be costly and complex, requiring significant resources and expertise. Second, they can be vulnerable to human errors or malicious insiders, who can bypass or compromise your security measures. Third, they can be outdated or ineffective, as cyberthreats evolve and adapt to your security solutions. Fourth, they can create conflicts or trade-offs between security and usability, as some controls may limit or interfere with your network functionality or user experience.
