Travel Reference
In-Depth Information
ACCESS LIMITATION
The concept of access limitation refers to limiting physical access to spe-
cific locations and limiting those persons having access to particular
information. The former concept is easy to conceptualize in theory but is
often less so in practice. For example, the physical safety of corporate
employees will require the establishment of security procedures to control
access to the site and admit only those persons with legitimate business
inside. These steps have the added benefit of preventing unauthorized
persons from gaining entry to production facilities, research areas, and
other areas where company-sensitive information might be found. Visitors
must be escorted to ensure that no one can “accidentally” wander into a
design center or research lab. The difficulty with access control often
comes in regard to friends or close business associates of those working at
the facility. Our open and easygoing nature as Americans leads us to be
hospitable to those who visit us. Remember that even friends and relatives
require escorts. If a rival company or foreign power really believed that a
product, concept, or idea being developed in your company had substan-
tial value or could undermine a competitor's market share or a nation's
economy, it will attempt to target those individuals with access to that
information. How difficult would it be for a rival corporation or govern-
ment to have an intelligence operative befriend one of your employees?
Seduction also has been a tool since time immemorial. Men and women
have been romanced, seduced, and even married by operatives seeking
only to gain access to information. While this may sound far-fetched, it
happens with regularity.
The second component of access limitation relates to specific items.
This concept is very simple and follows along the lines of the classifica-
tion system itself. Basically, the need a person has to see a certain type of
document determines the security classification given to that person. An
employee with a need to see sensitive documents is given a clearance level
of “Sensitive” or “Secret” or whatever you choose to call it. That person
now has unrestricted access to documents identified with that level of
secrecy. Documents of extraordinary sensitivity may be limited to a spe-
cial level of clearance given to individuals on a case-by-case basis. This is
comparable with the “Eyes Only” classification you may have read about
in a Tom Clancy novel.
The issue of limitation must extend to the creation of a method to
prevent the unauthorized removal of a sensitive document, even by an