Security+ safety is another common goal of security. This refers to the safety of both individuals and an organization’s assets. You can always replace things, but you cannot replace people, so safety of people should always be a top priority. The following bullets identify some things to consider for both people and assets.
- Safety of people. Some of the biggest risks for people occur during disasters, such as fires, earthquakes, hurricanes, and tornadoes. Organizations develop business continuity plans to prepare for these disasters. These plans include items such as escape plans and escape routes. They also ensure personnel are aware of these plans by holding drills and training. You can read more about business continuity in Chapter 9 of the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide,
- Safety of assets. A wide variety of physical security controls helps ensure the safety of assets. These include elements such as fencing around a building, lighting, locks, and closed-circuit television (CCTV) systems to provide video monitoring. Chapter 2 of the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide covers physical security controls in more depth.
Organizations test these plans and controls to ensure that they operate as expected. For example, one method of testing controls is to ensure that the escape routes are valid by actually following the route.
Some systems sacrifice security of physical assets to protect people. For example, imagine that the entrance doors to a data center use electronic locks. A fire might result in a power loss, trapping people inside. This isn’t acceptable. As an alternative, electronic doors are often designed to fail-open for personnel safety. If the system loses power, the electronic doors will fail in an open state. Unfortunately, if criminals know this, they might decide to destroy the electronic lock or kill power to the building to gain access. Another safety option is to include a method of manually opening the door.
Beyond confidentiality, integrity, and availability, safety is another common goal of security. For example, adding fencing and lighting around an organization’s property provides safety for personnel and other assets. Similarly, adding stronger locks and door access systems increases safety. Exit doors with electronic locks typically fail in an open position so that personnel can exit safely.
Security+ Safety Practice Question and Answer
Management at your company recently decided to implement additional lighting and fencing around the property. Which security goal is your company MOST likely pursuing?
A. Confidentiality
B. Integrity
C. Availability
D. Safety
Answer D is correct. Lighting and fencing are two methods that can enhance the security goal of safety.
Confidentiality is enhanced with encryption and access controls.
Integrity is enhanced with hashing, certificates, and digital signatures.
Availability is enhanced with redundancy and fault-tolerance procedures.
Understanding Core Security Goals
Safety (this page)
