ISO/IEC 27001 Control 7.1: Physical security perimeters


Security perimeters should be defined and used to protect areas that contain information and other associated assets.

Necessity of MidPoint

MidPoint's contribution to implementation of this control is marginal.

Implementation of the control is mostly outside the scope of identity governance and administration (IGA), therefore midPoint cannot provide significant advantage. However, midPoint can still provide minor supporting information and functionality.

Implementation Overview

MidPoint can provide supportive role, recording perimeters for applications.

Implementation Details

MidPoint organizational structure can be used to model the perimeters as locations. Applications can be assigned to the perimeters, enabling use of perimeters in access control policies. Policy rules can be used to set up some supportive policies, e.g. allowing access to some applications only if user has a physical access token for appropriate perimeter. Additionally, reporting capabilities can be used detect suspicious cases, e.g. application access granted to users that do not share a location with the application.


This control is all about physical security, which is out of reach of midPoint. However, midPoint can play a marginal supportive role by keeping list of security perimeters and their relationships to applications. Some policy rules might be applicable as well.

Was this page helpful?
Thanks for your feedback