Physical Security -

Physical Security -

Physical Security Least sexy of the 10 domains but the best firewall in the world will not stand up to a well placed brick. Physical Security Addresses threats, vulnerabilities, countermeasures to physically protect orgs resources & sensitive info Natural disasters Unauthorized entry and/or theft Threats

Risk analysis or business impact assessment identify threats Seven major sources of physical loss 1. 2. 3. 4. 5. 6. 7. Temperature Gases Liquids Organisms Projectiles Movement Energy Anomalies

Controls for Physical Security Administrative Controls Emergency Procedures, Personnel control, & planning and policy implementation Physical & Technical Controls Facility Requirements Planning

Planning done in early stages of construction of data facility Choosing a Secure Site Designing a Secure Site Choosing a Secure Site Visibility: neighbors, external markings Local Considerations: near possible threats, local crime rate

Natural Disasters: weather related, earthquake fault Transportation: excessive air, highway or road traffic Joint Tenancy: HVAC controls, elecriticity External Services: local emergency, hospitals Designing a secure site

Walls: fire ratings rooms & storage Ceilings: weight-bearing, fire rating Floors: weight bearing, static, electrical cables Windows: none or translucent & shatterproof Doors: resist forcible entry, fire rating, personnel safety is first Sprinkler systems: fire resistant rating of not less than 1 hour Liquid or gas lines: positive (outward) flow Air Conditioning: dedicated power circuits, positive air flow Electrical Requirements: dedicated circuits, alternative Facility Security Management Audit Trails

Detecting security violations Performance Problems Design & programming flaws Include: date & time, successful or not, Where access granted, Who tried, data modified? Detective rather than preventative Emergency Procedures Include: emergency shutdown procedures, Evacuation, Employee training, periodic tests

Administrative Personnel Controls Human resources department Pre-employment screening Ongoing employee checks Post-employment procedures Environmental & Life Safety Controls

Physical controls necessary to sustain either computers operating environment (OE) or personnels OE Main Areas: Electrical Power Fire detection & suppression Heating, Ventilation, & Air Conditioning (HVAC) Electrical Power Noise

Brownouts & Sag (NYC 15% common) Radio frequency interference, EMI Cell phones, laptops, other ele. Equip. EMI eavesdropping Power line conditioning, proper shielding, grounding, magnets, fluorescent lights, electric motors, space heaters Surges & spikes when come back up Humidity

Low == static (20,000 volts possible) Fire Detection & Suppression Fire classes, combustibles, detectors, & suppression methods Factors in priority order: 1. 2. 3. 4. Life safety aspects Fire threat of installation to occupants & property

Economic loss from computing function Economic loss from loss of equipment Fire Classes & Combustibles Classes B. Common combustibles water or soda acid Liquid CO2, soda acid, or halon C. Electrical CO2 or halon A.

Fire requires: oxygen, heat, & fuel Water: temperature, soda acid: fuel supply, CO2 oxygen, halon: chemical reaction Fire Detectors Heat sensing Flame-actuated

Infrared or pulsation of flame Smoke-actuated Predetermined temp or fast change In ventilation systems Automatic dialup fire alarm Fire Extinguishing Systems Water Sprinkler

Wet Pipe, Dry Pipe, Deluge, or Preaction (combination of wet & dry pipe) Gas Discharge Pressurized inert gas CO2 , halon, argon, argonite, inergen After the fire Contamination

Smoke: little damage at first, residue Heat Water Suppression medium Water damage Shutoff power Move equipment Drain Wipe parts & spray

Physical & Technical Controls Facility Control Requirements Facility Access Control Devices Intrusion Detection & Alarms Computer Inventory Control Media Storage Requirements Facility Control Requirements

Guards Dogs Fencing Mantrap Lighting Locks Closed Circuit TV Facility Access Control Devices Security Access Cards

Wireless Proximity Readers Dumb: photo id Smart: digital coded smart card Smarter: processor on card Passive, field powered, transponders Biometric Intrusion Detection & Alarms Perimeter Intrusion Detectors

Motion Detectors Photoelectric & dry contact switches Wave pattern (reflection), capacitance (electrical field), audio detectors Alarm Systems Local, central station, proprietary Line supervision Computer Inventory Control Physical PC Control

Cable locks Port controls Switch Controls Peripheral Switch Controls Electronic Security Boards Laptops Media Storage Requirements Ongoing Storage

Disposal Access & Environment Clearing overwriting (7 times min), Purging Degaussing or overwriting, Destruction Erasing only changes FAT, Damaged sectors not changed, overwrite may not change cause new file shorter, Encryption of sensitive data

Simplest Way to check physical Security walk-about

Recently Viewed Presentations

  • Metabolism - Anaerobic Respiration & Fermentation Lecture ...

    Metabolism - Anaerobic Respiration & Fermentation Lecture ...

    The SPO Virtual Classrooms offer many educational resources, including practice test questions, review questions, lecture PowerPoints, video tutorials, sample assignments and course syllabi. New materials are continually being developed, so check back frequently, or follow us on Facebook (Science Prof...
  • ANCIENT EGYPT I - Primary Resources

    ANCIENT EGYPT I - Primary Resources

    LO: to use relative clauses beginning with who, which, where, why, whose, that, or an implied pronoun. What is a pronoun? Pronouns are words that you use to replace nouns. They can make your writing flow better and easier to...
  • Predicting zero-day software vulnerabilities through data ...

    Predicting zero-day software vulnerabilities through data ...

    Predicting zero-day software vulnerabilities through data mining--Second Presentation. Su Zhang
  • ENVI 21 Life in the Ocean - University of San Diego

    ENVI 21 Life in the Ocean - University of San Diego

    Cnidaria Anthozoa More species than Hydrozoa or Scyphozoa No medusa stage Polyps more complex than in other classes Gut contains septa to add surface area for ...
  • CCNA5.0 Instructor PPT

    CCNA5.0 Instructor PPT

    Generally, older protocols, such as RIP, are slow to converge, whereas modern protocols, such as EIGRP and OSPF, converge more quickly. ... Show ip protocolscommand displays the IPv4 routing protocol settings currently configured on the router, for IPv6, use show...
  • Supported Education - OSECE

    Supported Education - OSECE

    Supported Education Models. Supported education has been defined as a promising practice by the Substance Abuse and Mental Health Services Administration (SAMHSA) which has developed a Toolkit to guide the implementation. The University of Kansas also developed a model for...


    METHODS IN BEHAVIORAL RESEARCH Author: Kimberly Foreman Last modified by: mahalakshmi.r Created Date: 1/22/2006 10:44:44 PM Document presentation format: On-screen Show Company: KIM'S LAPTOP Other titles
  • Traffic Flow - University of Washington

    Traffic Flow - University of Washington

    Other Concepts Free-flow speed (uf) Jam density (kj) Capacity (qm) Speed vs. Density Flow vs. Density Speed vs. Flow 3-D Model Example Traffic - Time of Day Patterns Primary References Mannering, F.L.; Kilareski, W.P. and Washburn, S.S. (2005). Principles of...