Upload
gabriel-stevens
View
214
Download
0
Tags:
Embed Size (px)
Citation preview
Physical
(Environmental)
Security
2
Domain Objectives
•Define key concepts of physical security
• Goals and Purpose of Layered Defenses
• Principles in Site Location
• Building Entry Points
• Physical Security Principles for Information System’s Security within a Building
3
Information Security TRIAD
Availability
ConfidentialityIntegrity
Information Security
4
Domain Agenda
• Introduction
• Layered Defense Model
• Crime Prevention Through Environmental Design
• Facility and Infrastructure Criteria
5
Primary Physical Security Goal
WARNING
The protection of life is our PRIMARY goal
6
Goals of Physical Security
• Deter
• Delay
• Detect
• Assess
• Respond
7
Threats to Physical Security
• Natural/Environmental
• Utility Systems
• Human-Made/Political Events
8
Malicious Threat Sources and Countermeasures
• Theft
• Espionage
• Dumpster Diving
• Social Engineering and Shoulder Surfing
• HVAC Access
9
Domain Agenda
• Introduction
• Layered Defense Model
• Crime Prevention Through Environmental Design
• Facility and Infrastructure Criteria
10
Layered Defense Model
• Security through ‘layers’ of controls
• Multi-layered
• Starts with the perimeter, then building grounds, then building entry points, etc.
11
Layered Defense Model
Perimeter
Building
Entrance
Building Floors/
Office Suites
Offices/Data
Centers/Equipment,Supplies,
Media
Building Grounds
12
Perimeter and Building Boundary Protection
• Perimeter security controls are the first line of defense
• Protective barriers can be either natural or structural
13
Landscaping
• Ponds, Hedges
• Small Spiny Shrubs
14
Fences
• Federal, state, or local codes may apply
• No parking should be allowed near fences
15
Controlled Access Points
• Gates - minimum necessary
• Bollards
16
Perimeter Intrusion Detection Systems
• Detects unauthorized access into an area
17
Closed Circuit Television (CCTV)
• CCTV Capability Requirements
• Mixing Capabilities
• Virtual systems
18
CCTV Main Components
• CCTV - 3 Main Components
• Camera Lens
• Transmission Media
• Display Monitor
• Components must function together
19
Additional CCTV System Equipment
• Pan and Tilt Units
• Panning Device
• Mountings
• Switchers / Multiplexers
• Remote Camera Controls
• Infrared Illuminators
• Time/Date Generators
• Videotape or Digital Recorders
• Motion Detectors
• Computer Controls
20
CCTV Concerns
• Total Surveillance
• Size Depth, Height, and Width
• Lighting
• Contrast
21
Lighting
• Should be used with other controls
• Supports crime prevention
22
Types of Lighting
• Continuous Lighting
• Trip Lighting
• Standby Lighting
• Emergency Lighting
23
Building Entry Point Protection
• Locks
• Lock Components
24
Types of Locks
• Combination Locks
• Deadbolt Locks
• Keyless Locks
• Smart Locks
25
Lock Picking
• Lock Picking
• Locks are “pick-resistant,” not “pickproof”
26
Lock Security Measures
• Lock and Key Control System
• Key Control Procedures
• Combinations must be changed
• Fail-soft vs. Fail-secure
27
Guards and Guard Stations
• Guards
• Can provide a deterrent
• Guard Stations
28
Other Electronic Physical Controls
• Card Access
• Biometric Access Methods
29
Compartmentalized Areas
• Extremely Sensitive Location
• Most Stringent Security Controls
• Multi-layered Physical Access Controls
30
Data Center or Server Room Security
• Walls
• Multi-factor Access Controls
31
Computer Equipment Protections
• Computer equipment security
• Portable device security
• Objects placed inside security containers
32
Domain Agenda
• Introduction
• Layered Defense Model
• Crime Prevention Through Environmental Design
• Facility and Infrastructure Criteria
33
Crime Prevention Through Environmental Design
• Managing the physical environment to reduce crime
• Relationships between People and Environments
• Three Key Strategies of CPTED
34
Domain Agenda
• Introduction
• Layered Defense Model
• Crime Prevention Through Environmental Design
• Facility and Infrastructure Criteria
35
Site Location Considerations
• Site Security Considerations
• CPTED part of this Process
36
Facility Construction Considerations
• Doors
• Windows
• Entry Points
37
Infrastructure Support Systems
• Infrastructure Support Systems
• Key Threats to Support Systems
38
Fire Concerns
• Best Practices
• Abiding by the Fire Codes
• Fire Containment System (floors, vents, HVAC)
• Fire Extinguishing System (permanent & mobile)
• Fire Prevention Training and Drills
39
Fire Protection
• Fire Prevention
• Fire Detection
• Fire Suppression
40
Fire Types and Suppression
Class Type Suppression Agents
Common combustibles
Water, foam, dry chemicals
LiquidGas, CO2, foam, dry chemicals
ElectricalGas, CO2, dry chemicals
Combustible metals
Dry powders
KCooking Media (fats)
Wet chemicals
41
Halon Gas
• Restricted by1987 Montreal Protocol
• Many jurisdictions require removal of Halon
• Replacement alternatives for Halon
42
Other Infrastructure Threats
• Gas Leakage
• Water Threats
• Loss of Electrical Power
• Loss of HVAC
43
Types of Electrical Power Faults
• Complete Loss of Power
• Power Degradation
• Interference (noise)
44
Domain Summary
• Define key concepts of physical security
• Goals and purpose of layered defenses
• Principles in site location
• Building entry points
• Physical security principles for information system’s security within a building
“SecurityTranscendsTechnology”