Software Development, QA, Anti-Piracy Essay Example | Topics and Well Written Essays - 1000 words

Software Development, QA, Anti-Piracy - Essay Example al havoc upon corporate entities, the strategies which companies employ for both the design and implementation of their corporate policies are of singular importance. Referring to both theory and practice, this essay will investigate the strategies companies utilize for the design and implementation of their security policies. Todorov (2007) highlights the imperatives of implementing physical security policies. Even while conceding to the importance of automated, computer-mediated security systems, Todorov (2007) contends that the importance of physically securing sensitive sites within a company cannot be overlooked. Concurring, Fernandez and Sinibaldi (2003) explain that the securitization of sensitive physical sites within a corporate structure is comprised of four principle components. First is the management of physical locations, whereby the access control system policy should be designed and implemented with the purpose of controlling access to locations/sites. Second is the control of who may access a restricted room. As different types of employees may have access to different areas/sites within the company, it is necessary to implement an authentication and authorization role-based access control system. The said role-based access control system does not simply identify who may and may not acces s particular sites but keeps logs with appropriate auditing facilities of the employees who entered each room at any particular time and date. Thirdly is the design and implementation of application interfaces which allow administrators to create new permissions, users and locations which, in turn, would allow supervisors to generate audit reports to survey access to rooms and to allow users to change passwords, among others (Fernandez and Sinibaldi, 2003). The often technology mediated securitization of access to physical sites is dictated by the imperatives of ensuring that no unauthorized persons are able to gain access to sensitive data or, indeed,