Terms in this set (55)

  • What does a physical security domain provide?
    protection techniques for the entire facility, from the outside perimeter to the inside office space, including all of the information system resources.
  • Physical Security
    1)The physical measures & their associated procedures to safeguard & protect against: -Damage -Loss -Theft 2)Implementing controls that discourage attackers by convincing them that the cost of attacking is greater than the value received from the attack.
  • What is the primary goal of Physical Security?
    Life Safety Safety of people is the primary concern.
  • Goals of Physical Security
    1)Deter 2)Delay 3)Detect 4)Assess 5)Respond
  • Threats to Physical Security
    -Natural/Environmental (e.g., earthquakes, floods, storms, hurricanes, fires) -Utility Systems (e.g., communication outages, power outages) -Human-Made/Political Events (e.g., explosions, vandalism, theft, terrorist attacks, riots)
  • Crime Prevention Through Environmental Design
    The physical environment of a building is changed or managed to produce behavioral effects that will assist in reducing the incidence and fear of crime.
  • Three Key Strategies of Crime Prevention Through Environmental Design
    1)Territoriality - people protect territory that is their own 2)Surveillance - high degree of visual control 3)Access Control - limit access and control the flow of access
  • Site Location
    Security should include where the building is and how it should be built.
  • Facility/Construction Issues
    Walls, Windows, and Doors Entry Points
  • Prevention at Doors
    -Hollow-core versus solid-core -Isolation of critical areas -Lighting of doorways -Contact Devices (switches) -Mantraps (double door systems)
  • Door Safety
    -Do not block exit doors -Provide sufficient and appropriate lock mechanics -Hinges securely fixed to the frames -Frame securely fixed to the adjoining wall.
  • Prevention at Windows
    -Standard plate glass -Tempered glass -Acrylic materials -Polycarbonate windows - glass and polycarbonite combinations combine the best quality of glass and acrylics -Laminated Glass -Wired Glass -Solar Window Films -Window Security Films -Glass Breakage Sensors
  • Infrastructure Support Systems
    electrical power, water/plumbing, steam, gas lines, and heating, ventilation, air conditioning (HVAC), and refrigeration
  • Prevention from Fire
    -Fire Containment System (floors, vents, HVAC) -Fire Extinguishing System (permanent & mobile) -Abiding by the Fire Codes -Fire Prevention Training and Drills
  • How to deal with Fire (3 items)
    -Fire Prevention - reduce causes of fire. -Fire Detection - receive warnings of fire before it becomes a problem. -Fire Suppression - how to extinguish and contain a fire to minimize damage.
  • Fire Prevention
    -Use fire resistant materials for walls, doors, furnishings, etc. -Reduce the amount of combustible papers around electrical equipment. -Provide fire-prevention training to employees - remember, life safety is the most important issue. -Conduct fire drills on all shifts so that personnel know how to safely exit a building.
  • Fire Detection
    -Ionization-type smoke detectors detect charged particles in smoke. -Optical (Photoelectric) detectors react to light blockage caused by smoke. -Fixed or rate-of-rise temperature sensors - heat detectors that react to the heat of a fire. -Combinations are usually used for the best effectiveness in detecting a fire.
  • Fire Suppression Agents
    -Carbon Dioxide (CO2) extinguishers provide a colorless, odorless chemical that displaces oxygen in the air. -Halon gas - contains a white bromine powder produced in chlorofluorocarbon compounds (CFC) factor in the depletion of the ozone layer. -FM200 most effective alternative - requires 7% concentration (Halon requires 5%)
  • Fire Suppression
    Water Sprinkler Systems -Water could be a conductor of electricity - it may compound the problems in computer rooms. -Water can cause damage to electrical equipment. -"Pre-action" or "dry-pipe" system - water is held back by a valve and is released when the sensor activates.
  • Gas Threats
    Gas Leakage -Identify Location and Test the main Shut-Off valve -Secure the Natural Gas Line (using layered defenses) -Communicate Natural Gas Line Design to Fire Department -Clearly mark Shut-off Valves
  • Water Threats
    1)Water Detection Sensors -Raised Floors -Emergency Shut-off Valves -Server room above ground level 2)Water pipes not located above server rooms
  • Electrical Power
    1)Disruptions in electrical power can have a serious business impact. 2)Goal is to have "clean and steady power." -Dedicated feeders -Alternate power source -Access Controls -Secure breaker and transformer rooms.
  • Electrical Power Countermeasures
    Power Loss -Surge Suppressors -UPS and UPS Testing -Electrical Facilities separated from Data Center -Generators
  • Electrical Power Considerations
    Electric Power Controls - 'clean power' -Have an Emergency Power Off (EPO) switch that allows someone to shut down the power. -Install a power line monitor that detects and records fluctuations in frequency and voltage. -Ensure there is enough backup power to conduct an orderly shutdown to avoid data loss or device damage.
  • Electrical Power Outages
    1)Blackout -Prolonged loss of commercial power 2)Fault -Momentary loss of power
  • Electrical Power Degradation
    1)Brownout -Intentional reduction of voltage by the utility company for a prolonged period of time 2)Sag/Dip -A short period of low voltage 3)Surge -Sudden rise in voltage in the power supply 4) Transients -Line noise that is superimposed on the supply circuit can cause a fluctuation in power. 5)Inrush Current -The initial surge of current required when there is an increase in power demand. 6)Electrostatic Discharge -A power surge generated by a person or device contacting another device and transferring a high voltage shock.
  • Noise
    A natural occurrence that happens when unwanted signals are generated in circuits that are in close proximity. Typically, this disrupts the affected circuit 1)Electromagnetic Interference (EMI) -Caused by motors, lightning, etc. 2)Radio Frequency Interference (RFI) -Created by components of electrical system -Caused by electric cables, fluorescent lighting, truck ignition
  • Heating, Ventilation and Air Conditioning Issues(HVAC)
    1)HVAC computerized controls -Location -Access controls 2)Appropriate maintenance of -Temperature -Humidity levels -Air quality 3)Independence of the data center air conditioning system from the rest of the building. 4)Documented maintenance procedures
  • What are the goals of physical controls?
    The goals of physical controls are to prevent, delay, detect, assess, and appropriately respond to a physical intrusion.
  • What are examples of threats to physical security?
    Natural or environmental, utility system, and human-made factors can all pose threats to physical security.
  • What are the three key strategies for crime prevention through environmental design?
    The three key strategies for crime prevention through environmental design are territoriality, surveillance, and access control.
  • What is the most important factor to remember when implementing physical security controls?
    The most important concept to remember when implementing physical security controls is to ensure the safety of people.
  • Layered Defense Model
    -Approaching security through 'layers' of controls -Multi-layered -Starts with the perimeter, then building grounds, then building entry points, etc.
  • Perimeter and Building Grounds Boundary Protection
    1)Perimeter security controls are the first line of defense. 2)Protective barriers can be either natural or structural. -Natural protective barriers offer terrains that are difficult to cross, such as mountains, bodies of water, deserts, etc. -Structural barriers are devices such as fences, gates, bollards, and facility walls. 5)Gates -The portions of a wall or fence system that control entrance and/or egress by persons or vehicles and complete the perimeter of the defined area.
  • Perimeter and Building Grounds Boundary Protection - Landscaping
    Landscaping -Shrubs or trees can provide a barrier or an entry point. -Spiny shrubs make it harder for an intruder to cross the barrier.
  • Perimeter and Building Grounds Boundary Protection - Fences
    Fences -Are used to enclose security areas and designate property boundaries. -Should meet specific gauge and fabric specifications. -High-security areas may need a "top guard" (barb wire at the top). -Should meet certain height and location provisions. -Fences must be checked and repaired on a regular basis. -Fence fabric must be securely attached to poles. -Be sure that vegetation or adjacent structures cannot provide a "bridge" over the fence.
  • Perimeter and Building Grounds Boundary Protection - Gates
    Gates -The portions of a wall or fence system that control entrance and/or egress by persons or vehicles and complete the perimeter of the defined area
  • Perimeter and Building Grounds Boundary Protection - Bollards
    Bollards -A rising post designed for use in traffic control and protecting property premises. -Provides security against vehicles ramming into, or stopping near buildings. -Lighted bollards can be used for lighting controls along parks, paths, sidewalks, etc
  • Perimeter and Building Grounds Boundary Protection - Perimeter Intrusion Detection Systems
    Perimeter Intrusion Detection Systems -Photoelectric -Ultrasonic -Microwave -Passive infrared (PIR) -Pressure-Sensitive
  • Perimeter and Building Grounds Boundary Protection - Closed Circuit Television (CCTV)
    Closed Circuit Television (CCTV) -A television transmission system that uses cameras to transmit pictures by a transmission medium to connected monitors. -The transmission media can use wired or wireless technologies.
  • Perimeter and Building Grounds Boundary Protection - CCTV Levels
    CCTV Levels -Detection - the ability to detect the presence of an object. -Recognition - the ability to determine the type of object. -Identification - the ability to determine the object details.
  • Perimeter and Building Grounds Boundary Protection - CCTV - Key Success Items
    CCTV - Key Success Items -Understand the facilities total surveillance requirements. -Determine the size of the area to be monitored - depth, height, and width - to know what size camera lens is needed. -Lighting is important - different lamps and lighting provide various levels of effectiveness. 'Contrast' between the object and background
  • Perimeter and Building Grounds Boundary Protection - Lighting
    is the illumination of a locale, typically by artificial means such as light fixtures or lamps Features: -Good lighting is one of the most successful crime preventive measures. -When used properly, light discourages unlawful activity, improves natural observation, and decreases fear. -Typically used with other controls, such as fences, patrols, alarm systems.
  • Building Entry Point Protection - Locks
    Locks -Most accepted and used physical security device -Considered delay devices and not foolproof bars to entry - they are easily defeated -All lock types are subject to force and special tools that can be used to gain entry -Should be just one aspect of many physical security controls
  • Building Entry Point Protection - Guard Stations
    Guard Stations -Security forces (guards) can provide a deterrence to unauthorized entry. In some cases, may also prevent unauthorized entry.
  • Building Entry Point Protection - Card Access Controls or Biometric Systems
    Card Access Controls or Biometric Systems -Smart cards, Magnetic Stripe cards, Proximity Cards, etc. -Fingerprint, retina scans, signature dynamics, voice recognition, hand geometry, etc.
  • Inside the Building: Building Floors, Office Suites, Offices - Compartmentalized Areas
    Compartmentalized Areas -Defines a location where sensitive equipment is stored and where sensitive information is processed. -Must have a higher level of security controls. -To be effective, they need an appropriate access control system.
  • Inside the Building: Building Floors, Office Suites, Offices -Intrusion Detection Systems
    Intrusion Detection Systems 1)Can be installed on: -Windows, -Doors, -Ceilings, -Walls, or -Any other entry points such as ventilation openings or air conditioning openings. 2)Detect a change in: -Electrical circuits -Light beams -Sounds -Vibrations -Motion -Capacitance due to penetration of an electrostatic field
  • Data Center or Server Room Security - Walls
    Walls -To the extent possible, walls should not form part of an external building. -Walls should extend from the floor to the underside of the above floor slab (slab to slab)
  • Data Center or Server Room Security - Access Controls
    Access Controls 1)Depending on the sensitivity of the information, and value of the equipment, electronic access controls may need to be installed -Smart Cards -Biometric Devices -Locks
  • Computer Equipment Protections - Portable Device Security
    Portable Device Security -Involves protecting the device, protecting the data on the device, and keeping the security controls easy for the user. 1)Portable device security includes items such as: -Locking mechanisms for docking stations -Tracing software -Audible motion alarm -Encryption software -Constant control procedures -Inventory system -Anti-virus software
  • Object Protection
    Objects are placed inside security containers such as safes, vaults, or locking file cabinets. -Should be theft-resistant and fire-resistant. -Steel containers with a locking device. -Create good lock combinations, change them frequently, and monitor the distribution
  • What is closed circuit television?
    Closed circuit television is a television transmission system that uses cameras to transmit pictures by a transmission medium to connected monitors.
  • What are examples of building entry point protection?
    Doors, windows, locks, guard stations, card access controls, and biometric systems are examples of building entry point protection.
  • What are some of the key controls for data center or server room security?
    Walls, doors, support systems, and access controls are some of the key controls for data center or server room security.