A-Z Popular Blog Security Search »
Information Security
 Advertisements
Related Guides

11 Examples of Security Controls

 , updated on December 12, 2016
IT security controls are actions that are taken as a matter of process, procedure or automation that reduce security risks. They may be identified by security audits or as a part of projects and continuous improvement. The following are illustrative examples of IT security controls.

Authentication

Employees are required to pass multi factor authentication before gaining access to offices.

Audit Trail

A web server records IP addresses and URLs for each access and retains such information for a period of time as an audit trail.

Training

Employees are trained in defensing computing on an annual basis.

Peer Review

Design changes to a critical system require a secure code review.

Communication

Employees are prohibited from attaching documents to internal emails as they can easily be misaddressed. Instead, employees send a link to a document management system that offers authentication and authorization.

Incident Management

Any employee who loses an electronic device that has been used for work is required to report an incident immediately.

Cryptography

Data in storage is encrypted on all devices.

Passwords

Systems perform validation to ensure employees choose strong passwords.

Processes

An IT governance process reviews security incidents on a monthly basis.

Automation

A website places a three hour freeze on a customer's account if they get their password wrong five times. This dramatically reduces the potential for brute force attacks.

Configuration Management

Changes to firewall rules require an approved change request.

Security Testing

Major system software releases are required to undergo security testing.
Overview: IT Security Controls
TypeInformation Security
IT Controls
DefinitionActions that are taken as a matter of process, procedure or automation that reduce security risks.
Related ConceptsInformation Security
IT Controls
Defensive Computing

Information Security

This is the complete list of articles we have written about information security.
Audit Trail
Canary Trap
Critical Infrastructure
Cryptographic Keys
Cryptographic Salt
Cryptography
Data Breach
Data Remanence
Data Security
Deep Magic
Defense In Depth
Degaussing
Digital Identity
Failure Of Imagination
Geofencing
Hardening
Honeypot
IoT Security
Key Stretching
Network Security
Non-repudiation
Nonce
Operations Security
Overlay Network
Password Fatigue
Proof Of Work
Sandbox
Security Controls
More ...
If you enjoyed this page, please consider bookmarking Simplicable.
 

Security vs Privacy

The relationship between security and privacy.

Hardening

An overview of technology hardening.

Deep Magic

An overview of deep magic, a technology term.

Defense In Depth

An overview of defense In depth.

Encryption Examples

A definition of encryption with examples.

Canary Trap

A definition of canary trap with an example.

Honeypot

A definition of honeypot with examples.

Security Through Obscurity

A definition of security through obscurity with an example.

Tokens

A definition of token with examples.

Backdoor

A definition of backdoor with examples.

Data Backup

Several data backup techniques compared.

Strong Password

A few examples of what makes a password strong or weak.

Personal Information

A definition of personal information with examples.

Cybersecurity

A definition of cybersecurity with examples.

Public Network

A definition of public network with examples.

Sandbox

A definition of sandbox with examples.
The most popular articles on Simplicable in the past day.

New Articles

Recent posts or updates on Simplicable.
Site Map