1 / 18

Physical Security

Physical Security. By: Christian Hudson. Overview. Definition and importance Components Layers Physical Security Briefs Zones Implementation. Definition.

marlis
Télécharger la présentation

Physical Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Physical Security By: Christian Hudson

  2. Overview • Definition and importance • Components • Layers • Physical Security Briefs • Zones • Implementation

  3. Definition • Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, or institution. This includes protection from fire, theft, vandalism, natural disasters, and terrorism.

  4. Is physical security important? • Significance is underestimated • Breaches in action require no technical background • Accidents and natural disasters are inevitable so preparation is necessary

  5. Components • Accidental and environmental disasters • Placing obstacles • Idea is to confuse attacker, delay serious ones, and attempt to avoid the inevitable • Monitoring and notification systems • Security mechanisms to monitor and detect potential harm or violations • Alarms, security lighting, security guards or closed-circuit television cameras (CCTV)

  6. Components (cont.) • Recovery mechanisms • To repel, catch or frustrate attackers when an attack is detected • Intrusion handling

  7. Layers • Environment Design • First layer of physical protection • Consists of external design void off intruders • May include objects like barbed wire, warning signs, fencing, metal barriers, and site lighting

  8. Layers (cont.) • Mechanical and electronic access control • Prevents intruders or unauthorized users to direct access to physical components • Includes gates, doors and locks

  9. Layers (cont.)

  10. Layers (cont.) • Monitoring system • Less of a preventative measure • Used more for incident verification and analysis • Most common mechanism is CCTVs

  11. Layers (cont.) • Intrusion Detection • Monitors for attacks • Less of a preventative measure • More of an response mechanism • Alarms/Notification

  12. Physical Security Briefs • Security site brief • Security policies used for the framework of preventing the access to a physical setting • Security design brief • Security policies used for the layout or design for a physical entity (may be coding, layout for servers, access control, etc)

  13. Zoning • Public Zone • Public has access to this area of a facility and its surrounding • Examples are facility grounds, elevator lobbies, etc • Reception Zone • Zone which entail the transition from a public zone to a restricted-access area of control • Typically means where the contact of visitors and a department is initiated

  14. Zones (cont.) • Operations Zone • An area where access is limited to personnel who work at facility and to escorted visitors • Production floors and open office areas • Security Zone • An area to which access is limited to authorized personnel and to authorized and escorted visitors • Area where secret information is processed/stored

  15. Layers (cont.) • High Security Zone • An area where access is limited to authorized, appropriately screened personnel and authorized and properly escorted visitors • A general example would be an area where high-value assets are handled by selected personnel

  16. Implementation • State the plan’s purpose • Define the areas, buildings, and other structures considered critical and establish priorities for their protection • Define and establish restrictions on access and movement of critical areas • Categorize restrictions

  17. Questions?

  18. References and Resources • Bishop, Matt. Introduction to Computer Security. Massachusetts: Pearson Education, Inc., 2005. • http://64.233.167.104/search?q=cache:0xtkul7lJOgJ:www.tess-llc.com/Physical%2520Security%2520PolicyV4.pdf+physical+security+policy&hl=en&ct=clnk&cd=1&gl=us • http://en.wikipedia.org/wiki/Physical_Security • http://www.rcmp-grc.gc.ca/tsb/pubs/phys_sec/g1-026_e.pdf • http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci1150976,00.html • http://tldp.org/HOWTO/Security-HOWTO/physical-security.html

More Related