Physical security (see Chapter 12, Physical Security and Environmental Controls) protects an organization and its computing assets and resources from damage, destruction, and theft. Logical security is not the opposite of physical security. Rather, it's another part of security as a whole. Logical security has the same overall objectives as physical security—to protect, prevent, detect, and deter intrusions against a very valuable resource for any organization.
In this chapter, we will look at the various methods, procedures, and technology used to implement logical security policies to safeguard the data, software, and computing assets of an organization. We will cover the following topics:
- Access control
- Data encryption
- Data retention and disposal
- Physically destroying a disk drive
- OS, system, application, and hardware hardening
