Physical Security
- Slides: 23
Physical Security
“Least sexy of the 10 domains but the best firewall in the world will not stand up to a well placed brick.”

Physical Security
- Addresses threats, vulnerabilities, countermeasures to physically protect org’s resources & sensitive info
- Natural disasters
- Unauthorized entry and/or theft

Threats
- Risk analysis or business impact assessment identify threats
- Seven major sources of physical loss
  1. Temperature
  2. Gases
  3. Liquids
  4. Organisms
  5. Projectiles
  6. Movement
  7. Energy Anomalies

Controls for Physical Security
- Administrative Controls
  - Emergency Procedures, Personnel control, & planning and policy implementation
- Physical & Technical Controls

Facility Requirements Planning
- Planning done in early stages of construction of data facility
- Choosing a Secure Site
- Designing a Secure Site

Choosing a Secure Site
- Visibility: neighbors, external markings
- Local Considerations: near possible threats, local crime rate
- Natural Disasters: weather related, earthquake fault
- Transportation: excessive air, highway or road traffic
- Joint Tenancy: HVAC controls, electricity
- External Services: local emergency, hospitals

Designing a secure site
- Walls: fire ratings rooms & storage
- Ceilings: weight-bearing, fire rating
- Floors: weight bearing, static, electrical cables
- Windows: none or translucent & shatterproof
- Doors: resist forcible entry, fire rating, personnel safety is first
- Sprinkler systems: fire resistant rating of not less than 1 hour
- Liquid or gas lines: positive (outward) flow
- Air Conditioning: dedicated power circuits, positive air flow
- Electrical Requirements: dedicated circuits, alternative

Facility Security Management
- Audit Trails
  - Detecting security violations
  - Performance Problems
  - Design & programming flaws
  - Include: date & time, successful or not, where access granted, who tried, data modified?
  - Detective rather than preventative
- Emergency Procedures
  - Include: emergency shutdown procedures, evacuation, employee training, periodic tests

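Added example (not from the original slides): reviewing an audit trail as a detective control, using the five fields the slide lists. The CSV layout, names, thresholds and sample records are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample trail; assumed field order:
# when, who, where, result, data modified
SAMPLE_LOG = """\
2024-03-04T08:01:12,asmith,lobby,granted,no
2024-03-04T22:14:03,bjones,server-room,denied,no
2024-03-04T22:14:40,bjones,server-room,denied,no
2024-03-04T22:15:05,bjones,server-room,denied,no
2024-03-04T22:15:31,bjones,server-room,granted,yes
2024-03-05T09:30:00,cdoe,server-room,denied,no
2024-03-05T13:02:10,cdoe,server-room,denied,no
"""

def parse(text):
    """Turn each CSV line into a record holding the five audit fields."""
    records = []
    for line in text.strip().splitlines():
        when, who, where, result, modified = line.split(",")
        records.append({"when": datetime.fromisoformat(when), "who": who,
                        "where": where, "granted": result == "granted",
                        "modified": modified == "yes"})
    return records

def repeated_denials(records, threshold=3, window=timedelta(minutes=5)):
    """Return (who, where, first, last) for the first run of >= threshold
    denied attempts by one person at one door inside the time window."""
    denied = defaultdict(list)
    for r in sorted(records, key=lambda r: r["when"]):
        if not r["granted"]:
            denied[(r["who"], r["where"])].append(r["when"])
    findings = []
    for (who, where), times in denied.items():
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1  # slide the window forward
            if end - start + 1 >= threshold:
                findings.append((who, where, times[start], times[end]))
                break
    return findings

def modified_after_denials(records, findings, window=timedelta(minutes=5)):
    """Grants with data modified shortly after a flagged run of denials."""
    return [r for who, where, _first, last in findings for r in records
            if r["who"] == who and r["where"] == where and r["granted"]
            and r["modified"] and timedelta(0) <= r["when"] - last <= window]

if __name__ == "__main__":
    recs = parse(SAMPLE_LOG)
    for finding in repeated_denials(recs):
        print("repeated denials:", finding)
```

The review only reports what already happened, which is the slide's point that audit trails are detective rather than preventative.
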
Administrative Personnel Controls
- Human resources department
- Pre-employment screening
- Ongoing employee checks
- Post-employment procedures

Environmental & Life Safety Controls
- “Physical controls necessary to sustain either computer’s operating environment (OE) or personnel’s OE”
- Main Areas:
  - Electrical Power
  - Fire detection & suppression
  - Heating, Ventilation, & Air Conditioning (HVAC)

Electrical Power
- Noise
  - Radio frequency interference, EMI
  - Cell phones, laptops, other ele. equip.
  - EMI eavesdropping
  - Power line conditioning, proper shielding, grounding
  - Magnets, fluorescent lights, electric motors, space heaters
- Brownouts & Sag (NYC 15% common)
  - Surges & spikes when come back up
- Humidity
  - Low == static (20,000 volts possible)

Fire Detection & Suppression
- Fire classes, combustibles, detectors, & suppression methods
- Factors in priority order:
  1. Life safety aspects
  2. Fire threat of installation to occupants & property
  3. Economic loss from computing function
  4. Economic loss from loss of equipment

Fire Classes & Combustibles
- Classes
  - A. Common combustibles – water or soda acid
  - B. Liquid – CO2, soda acid, or halon
  - C. Electrical – CO2 or halon
- Fire requires: oxygen, heat, & fuel
  - Water: temperature; soda acid: fuel supply; CO2: oxygen; halon: chemical reaction

Fire Detectors
- Heat sensing
  - Predetermined temp or fast change
- Flame-actuated
  - Infrared or pulsation of flame
- Smoke-actuated
  - In ventilation systems
- Automatic dialup fire alarm

Fire Extinguishing Systems
- Water Sprinkler
  - Wet Pipe, Dry Pipe, Deluge, or Preaction (combination of wet & dry pipe)
- Gas Discharge
  - Pressurized inert gas
  - CO2, halon, argonite, inergen

After the fire
- Contamination
  - Smoke: little damage at first, residue
  - Heat
  - Water
  - Suppression medium
- Water damage
  - Shutoff power
  - Move equipment
  - Drain
  - Wipe parts & spray

Physical & Technical Controls
- Facility Control Requirements
- Facility Access Control Devices
- Intrusion Detection & Alarms
- Computer Inventory Control
- Media Storage Requirements

Facility Control Requirements
- Guards
- Dogs
- Fencing
- Mantrap
- Lighting
- Locks
- Closed Circuit TV

Facility Access Control Devices
- Security Access Cards
  - Dumb: photo id
  - Smart: digital coded smart card
  - Smarter: processor on card
- Wireless Proximity Readers
  - Passive, field powered, transponders
- Biometric

Intrusion Detection & Alarms
- Perimeter Intrusion Detectors
  - Photoelectric & dry contact switches
- Motion Detectors
  - Wave pattern (reflection), capacitance (electrical field), audio detectors
- Alarm Systems
  - Local, central station, proprietary
  - Line supervision

Computer Inventory Control
- Physical PC Control
  - Cable locks
  - Port controls
  - Switch Controls
  - Peripheral Switch Controls
  - Electronic Security Boards
- Laptops

Media Storage Requirements
- Ongoing Storage
  - Access & Environment
- Disposal
  - Clearing – overwriting (7 times min), Purging – degaussing or overwriting, Destruction
  - Erasing only changes FAT, damaged sectors not changed, overwrite may not change cause new file shorter
- Encryption of sensitive data

Simplest Way to check physical Security
- “walk-about”