We are independent & ad-supported. We may earn a commission for purchases made through our links.
Advertiser Disclosure
Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.
How We Make Money
We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently of our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.
Internet

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

What Are Security Controls?

Mary McMahon
By
Updated: May 17, 2024
Views: 4,183
Share

Security controls are measures an organization can take to increase the security of its information technology systems. These include personnel-related activities along with steps like physically securing computers, using aggressive software to identify and remove threats, and protecting the integrity of data. Organizations that handle sensitive data have a duty of care to their clients and shareholders to protect it using such controls. These can also be necessary on computer systems at government agencies, where the release of information could compromise national security.

A number of activities fall under security controls. One is the control of staff members. Companies can use background checks to determine who should have access to information, and may restrict information to a need-to-know basis. Personnel do not need access to data from other sections of a company, for example, and could pose a security risk if they could get to information stored by other departments. Companies can also limit administrative access to make it difficult for employees to change settings that might compromise security.

Computer systems can be kept secure both physically and technologically. Sensitive systems can be kept in locked facilities, and personnel who carry laptops, tablets, and other portable devices may need to exercise precautions to prevent unauthorized access to their equipment. Technical security controls can include firewalls, the use of anti-virus software, and other steps to limit access to a computer and prevent the spread of potential security threats.

A network as a whole also needs to be secure. Individual computers can be weak links in the chain, but so can the network itself. Staff put in charge of security controls maintain a secure network and identify weak points as quickly as possible. They balance the need between tight control and user access. Some controls might be highly beneficial from a security standpoint, but would be hard to implement because they would inconvenience users.

Some organizations may follow generally accepted standards and practices when it comes to security controls. They rely on their personnel to keep their computer systems safe and in regulatory compliance, if applicable. Agencies that hold financial information, for example, need secure databases and networks and can be subject to legal penalties if their systems are not up to standard. Other organizations may develop custom protocols to meet specific needs. A security consultant can assist with the process of developing an appropriate security program for a company.

Share
WiseGeek is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.
Mary McMahon
By Mary McMahon

Ever since she began contributing to the site several years ago, Mary has embraced the exciting challenge of being a WiseGeek researcher and writer. Mary has a liberal arts degree from Goddard College and spends her free time reading, cooking, and exploring the great outdoors.

Editors' Picks

Discussion Comments
Mary McMahon
Mary McMahon

Ever since she began contributing to the site several years ago, Mary has embraced the exciting challenge of being a...

Learn more
Share
https://www.wisegeek.net/what-are-security-controls.htm
Copy this link
WiseGeek, in your inbox

Our latest articles, guides, and more, delivered daily.

WiseGeek, in your inbox

Our latest articles, guides, and more, delivered daily.