Please enable JavaScript.
Coggle requires JavaScript to display documents.
Physical Security - Coggle Diagram
Physical Security
Objectives
To address the threats, vulnerabilities, and countermeasures which can be utilized to physically protect an enterprise’s resources and sensitive information to include people, facilities, data, equipment, support systems, media, and supplies.
To discuss considerations for choosing a secure site, its design and configuration, and the methods for securing the facility against unauthorized access, theft of equipment and information, and the environmental and safety measures needed to protect people, the facility, and its resources.
Agenda
Physical Security Threats
Site Design and Configuration
Physical Security Requirements: For Centralized Computing Facilities, For Distributed Processing Facilities, For Extended Processing
Computing Facility Requirements
Windows/Openings: Opaque, Shatterproof, Bulletproof, Placement
Computer and Equipment Room Lay Out: Equipment Access, Storage, Occupied Areas, Cable Routing
Air Conditioning: Positive Pressure, Protected Air Intakes, Independent Power, Emergency Shut Off Controls, Monitoring :
Flooring: Load bearing rating, Raised floor, Fire rating, Non-electric-conducting material
Electrical design
Fire considerations
Internal Partition Problems
Data Centre Placement
Jangan diletakkan di puncak gedung (preventif kebakaran)
Jangan diletakkan di basement gedung (preventif banjir)
Sebaiknya di tengah (core) bangunan
Computer Room
Dulu mainframe dikendalikan operator dari dekat, sekarang remote
Ruangan bisa lebih kecil dan efisien, kurang penting memperhatikan faktor manusia (karena tidak ada manusia!)
Rack mounted system
Close to wiring distribution centre
Single point of entry
Single Point of Entry to Computer Room
Backup
MTBF & MTTF
Electrical Power
Sumber power bila gagal
Backup Power Function
Gangguan aliran listrik
Environmental Issues
Fire
Fire Prevention & Protection
Personnel Access Controls
Access Controls – Locks
Preset Locks and Keys
Programmable Locks
Access Controls - Tokens
Security Card Systems
Dumb Cards
Digital Coded (Smart) Cards
Types of Access Cards
Access Controls - Biometrics
Fingerprint/Thumbprint Scan
Blood Vein Pattern Scan: Retina, Wrist, Hand
Hand Geometry
Facial Recognition
Voice Verification
Keystroke Recorders
Problems: Cost, Speed, Accuracy
Physical Security in Distributed Processing
Extended Processing Physical Security Controls
Boundary Protection
Area Designation: Facilitates Enforcement
Vehicular Access
Personnel Access: Occupants, Visitors (Escort & Logging)
Dogs
Fences: Deter Casual Trespassing, Compliments Other Access Controls, Aesthetics, Won’t Stop Determined Intruder
Lighting: Entrances, Parking Areas, Critical Areas
Perimeter Detection Systems: Does Not Prevent Penetration, Alerts Response Force, Requires Response, Nuisance Alarms, Costly
CCTV: Efficiency, Requires Human Response, Limitations
Staffing: Access Control Points, Patrols, Employees