Essential Cybersecurity Controls (ECC – 2 : 2024) 2-14-3 Requirement:
- The cybersecurity requirements for physical protection of information and technology assets must include at least the following:
- Authorized access to sensitive areas within the organization (e.g., data center, disaster recovery center, sensitive information processing facilities, security surveillance center, network cabinets).
- Facility entry/exit records and CCTV monitoring.
- Protection of facility entry/exit and surveillance records.
- Secure destruction and re-use of physical assets that hold classified information (including documents and storage media).
- Security of devices and equipment inside and outside the organization’s facilities.
Quick & Simple
Discover Our Cybersecurity Compliance Solutions:
Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you
NIST SP 800-171 & CMMC Compliance
Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
HIPAA Compliance
Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
FAR 52.204-21 Compliance
Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
ISO 27001 Compliance
Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.