Different River

”You can never step in the same river twice.” –Heraclitus

April 7, 2005

Combining Physical and Information Security

Filed under: — Different River @ 5:11 pm

What do you do if you’re a highly educated, computer-literate former locksmith? You start a consulting firm of course — on the integration of physical security with computer/information security. 4A International is the new company, just launched this week by Steve Hunt.

You might think that, well, locksmithing and computer security might be the same in theory (letting the right people in and keeping the wrong people out), but totally different in practice. But they are actually closely related, especially for large organizations. You can’t protect your information unless you can physically protect your computers, and if you have something like an electronic card-key system to let, say, only your current employees into the building, then you can’t protect your building unless you protect your computers.

The “4A” in the name represents the “4 A’s” of security: authentication, authorization, administration, and audit. That is, making sure you are who you say your are, given you as much access as your are supposed to have and no more, the ability to make changes (adding and deleting people’s access is easier with electronic keys than metal “master” keys), and keeping track of what happened to make sure only the correct access occurred.

One Response to “Combining Physical and Information Security”

  1. Dave Schuler Says:

    Interesting niche. Since security seems to be a growth industry for the foreseeable future it’s something I’ve been considering myself. Since I see he’s in Chicago, I probably should check him out.

Leave a Reply

Powered by WordPress