Please enable JavaScript.
Coggle requires JavaScript to display documents.
Physical Security (Physical Security Controls (Fire Security and Safety…
Physical Security
Physical Security Controls
ID Cards and Badges
Ties physical security with information access control
Serve as simple form of biometrics (Facial recognition)
Should not be only means of control as cards can be easily duplicated, stolen, modified
Tailgating occurs when unauthorized individual follows authorized user through control
Locks and Keys
Two types of locks : Mechanical and Electromechanical
Locks can be divided into 4 categorizes : manual, programmable, electronic, biometric
Locks fail and alternative procedures for controlling access must be put in place
Locks fail in one of two ways:
Fail-safe lock
Fail-secure lock
Mantrap
Small enclosure that has entry point and different exit point
Individuals enters mantrap, requests access, and if verified, is allowed to exit mantrap into facility
Individual denied entry is not allowed to exit until security official overrides automatic lock of enclosure
Electronic Monitoring
Records events where other types of physical controls are impractical or incomplete
May use cameras with video recorders; include closed- circuit television (CCT) systems
Drawbacks:
Reactive; does not prevent access or prohibited activity
Recording often are not monitored in real time; must be reviewed to have any value
Alarms and Alarm Systems
Alarm systems notify when an event occur
Detect fire, intrusion, environmental disturbance, or an interruption in services
Rely on sensors that detect event;eg. motion dectors, smoke detectors, thermal detectors
Computer Rooms and Wiring Closets
Require special attention to ensure confidentiality, integrity, and availability of information
Logical controls easily defeated if attackers gain physical access to computing equipment
Custodial staff (Janitors often the least scrutinized persons who have access to offices; are given greatest degree of unsupervised access
Interior Walls and Doors
Information asset security sometimes compromised by construction of facility walls and doors
Facility walls typically either standard interior or firewall
High-security areas must have firewall-grade walls to provide physical security from potential intruders and improve resistance to fires
Doors allowing access to high security rooms should be evaluated
Recommended that push or crash bars be installed on computer rooms and closets
Physical Security Controls
Fire Security and Safety
Most serious threat to safety of people who work in an organization is possibility of fire
Fires account for more property damage, personal injury, and death than any other threat
Imperative that physical security plans examine and implement strong measures to detect and respond to fire
Fire Detection and Response
Fire suppression systems:
devices installed and maintained to detect and respond to fire
Deny an environment of heat, fuel, or oxygen
Water and water mist systems
Carbon dioxide systems
Soda acid systems
Gas-based systems
Fire Detection
Fire detection systems fall into 2 general categories: Auto/Manual
Part of a complete fire safety program includes individuals that monitor chaos of fire evacuation to prevent an attacker accessing offices
There are three basic types of fire detection systems:
1.Thermal detection
2.Smoke detection
3.Flame detection
Fire Suppression
Systems consist of portable, manual, or automatic apparatus
Installed systems apply suppressive agents; usually either sprinkler or gaseous systems
Failure of Supporting Utilities and Structural Collapse
Supporting utilities(heating, ventilation, and air conditioning; water; and others) have significant impact on continued safe operation of a facility
Each utility must be properly managed to prevent potential damage to information and information systems
Uninterruptible Power Supply
Incase of power outage, UPS is backup power source for major computer systems
Water Problems
Surplus of water, or water pressure, poses a real threat(Flooding, Leaks)
Very important to integrate water detection systems into alarm system that regulate overall facilities operations
Structural Collapse
Unavoidable forces can cause failures of structures that house organization
Structures designed and constructed with specific load limits; overloading these limits results in structural failure and potential injury or loss of life
Periodic inspections by qualified civil engineers assist in identifying potentially dangerous structural conditions