12. Physical Security
ISA 562 Internet Security Theory & Practice
Objectives
- Goals and purpose of layered security
- Principles in site location
- Building entry points
- Physical security principles for information system’s security within a building
Information Security TRIAD
- Physical (environmental) security domain supports all three of CIA
- Need to consider physical risks that could happen to IS, and the environment in which systems operate
- Take risk-mitigating, cost-effective security countermeasures
Physical security
- Physical security includes:
  - Layered defense model
  - Crime prevention through environmental design
  - Facility and infrastructure criteria
- Primary goal
  - Life safety is the prime goal in physical security.
  - In emergencies, the organization must ensure the safety of personnel before the safety of the facility or equipment.
Goals of physical security
- Deterrence for crime and disruption
  - Convince threat agent not to attack
  - Fence, security guards, etc.
- Delay to reduce damage
  - If attacked, delay long enough to detect and respond before damage to IS or information occurs
  - Layers of defense, barriers, etc.
- Detection of crime or disruption
  - Develop capability to detect attacks that cannot be delayed forever
  - For example, install smoke detectors, CCTV, etc.
- Assessment
  - Once detected, assess the method of attack, the target, and remediation
- Respond procedures
  - Take appropriate actions without overreacting (fire suppression, emergency response, etc.)
Threats to physical security
- Natural/environmental
- Utility systems
- Human-made/political events
- Malicious threat sources and countermeasures
  - Theft
    - Countermeasure: strong access controls, IDS, locked doors, etc.
  - Espionage
    - Countermeasure: good hiring process, background checks, etc.
  - Dumpster diving
    - Countermeasure: proper disposal policy and procedure, etc.
  - Social engineering and shoulder surfing
    - Countermeasure: employee awareness program, etc.
  - HVAC access
    - Countermeasure: section lock downs to control access, smoke sensor, etc.
Layered defense model
- Security through “layers” of controls
- Multi-layered: perimeter, grounds, building entrances
Perimeter and building boundary protection: landscaping
- Perimeter security controls: first line of defense
- Protective barriers, either natural or structural
  - Natural barriers, such as terrain
  - Structural barriers: fences, gates, bollards, and facility walls
- Landscaping
  - Ponds, hedges can provide a barrier or entry point
  - Spiny shrubs make it harder for an intruder to enter
Fences / controlled access points
- Fences
  - Enclose security areas and designate property boundaries
  - Meet gauge and fabric specifications, etc.
  - Federal, state, or local codes may apply
  - No parking near fences
- Gates: minimum number needed
- Bollards
  - Variety of sizes and shapes depending on use
  - Retractable ones are designed for traffic control
  - Provide security against vehicles ramming into or stopping near buildings
  - Lighted bollards can be used for lighting controls along parks, paths, and sidewalks
Perimeter intrusion detection systems
- Detect unauthorized access into an area
- Some of the characteristics are:
  - Photoelectric
    - Active infrared beam that triggers an alarm when crossed
  - Ultrasonic
    - Ultrasound energy is bounced off the floors, walls, and objects. The receiver detects the foreign signal change caused by the intruder and sounds the alarm
  - Microwave
    - Receiver diode picks up transmitted and bounced energy waves in an enclosure. An intruder disrupts the waves and activates the alarm
  - Passive infrared
    - Objects radiate IR with the heat of their bodies. The detector notes the change and triggers an alarm
  - Pressure sensitive
    - Detects pressure on the sensor or surrounding area
Closed Circuit Television (CCTV)
- CCTV is an excellent tool for security
- Not a simple security device: blind spots, motion detection systems, and workplace privacy
- CCTV capability requirements
  - Detection
  - Recognition
  - Identification
- Mixing capabilities
  - Provide joint capabilities
- Virtual CCTV systems
  - Fake systems that are installed as a deterrent
CCTV main components
- CCTV has three main components:
  - Camera lens
    - Fixed
    - Zoom
    - Automatic iris
    - Fresnel lens
  - Transmission media
    - Wired or wireless
  - Display monitor
    - National Television System Committee (NTSC)
    - Phase Alternating Line (PAL)
Additional CCTV system equipment
- Pan and tilt units
- Panning device
- Mountings
- Switchers/multiplexers
- Remote camera controls
- Infrared illuminators
- Time/date generators
- Videotape or digital recorders
- Motion detectors
- Computer controls
CCTV concerns
- Total surveillance
- Size: depth, height, and width
- Lighting
- Contrast
Lighting
- Use with other controls
- Supports crime prevention
- Types
  - Continuous
    - A series of fixed lights arranged to flood a given area during hours of limited visibility
  - Trip
    - Activated by a sensor that detects activity such as movement or heat
  - Standby
    - Like continuous lighting, but the lights are not always on; they are turned on either automatically or manually when suspicious activity is suspected
  - Emergency
    - Used for power failures or other emergencies that render the normal system inoperative
Building entry point protection
- Locks
  - Considered delay devices and not foolproof barriers to entry
- Lock components
  - Lock body
  - Strike and strike plate
  - Key
  - Cylinder
- Types of locks
  - Combination
  - Deadbolt
  - Keyless
  - Smart
Lock picking / security measures
- Lock picking
  - Basic picking tools are a tension wrench and a pick
  - Locks are “pick-resistant”, not “pickproof”
- Lock and key control system
  - Key control procedures
    - Who has access to keys?
    - To whom are the keys issued?
    - Key inventory
  - Combination locks must be changed
    - Every twelve months and when possibly compromised, etc.
  - Fail-soft vs. fail-secure
Other important controls
- Guards and guard stations
  - Provide a deterrent
- Electronic physical controls
  - Card access
  - Biometric methods
- Compartmentalized areas
  - Extremely sensitive location and most stringent security controls
  - Multi-layered physical access controls
- Data center / server room security
  - Walls solid, of fire-proof material, and a permanent part of floor and ceiling
  - Multi-factor access controls
- Computer equipment protections
  - Laptop and portable device security
    - Docking stations, tracing software, etc.
  - Computer equipment security
    - Protecting the device, data, etc.
  - Objects placed inside security containers
    - Safes, vaults, etc.
Crime prevention through environmental design
- Managing the physical environment
- Relationships between people and environments
- Three key strategies of CPTED (Crime Prevention through Environmental Design)
  - Territoriality
  - Surveillance
  - Access control
Site and facility considerations
- Site security
  - Location of building
    - Where to build
    - Surroundings: highway, airport, military base, etc.
  - CPTED should be part of the process
- Facility security
  - Entry points
    - Primary and secondary entrances
    - Windows, etc.
  - Doors
    - Hollow-core versus solid-core
    - Isolation of critical areas
    - Lighting of doorways, etc.
  - Windows
    - Standard plate glass
    - Tempered glass, etc.
Infrastructure
- Infrastructure support systems
  - Electrical power
  - Water/plumbing
  - Steam lines, etc.
- Key threats to the support systems
  - Fire: damage and destruction of facilities
  - Water: flooding/dripping
  - Power loss: disruption/stop of operations
  - Gas leakage: explosion
  - HVAC failure: overheating/overcooling, etc.
Fire concerns
- Abiding by fire codes
- Fire containment system
- Fire extinguishing system
- Fire prevention training and drills
- Protection
  - Fire prevention
  - Fire detection
  - Fire suppression
Fire types and suppression
- Common combustion (fuel, oxygen, etc.)
  - Suppression: water, foam, dry chemicals
- Liquid
  - Suppression: gas, CO2, foam, dry chemicals
- Electrical
  - Suppression: gas, CO2, dry chemicals
- Combustible metals
  - Suppression: dry powders
- Cooking media
  - Suppression: wet chemicals
Halon gas
- Restricted by the 1987 Montreal Protocol
- Halon is no longer used due to this, and many jurisdictions require its removal
- Alternative replacements are:
  - PFC-410 or CEA-410, PFC-218 or CEA-308, etc.
  - Water
  - CO2
Electrical power faults
- Complete loss of power
  - Blackout
  - Fault
- Power degradation
  - Brownout
  - Sag/dip
  - Surge
  - Transients
  - Inrush current
  - Electrostatic discharge
- Interference (noise)
  - Electromagnetic Interference (EMI)
  - Radio Frequency Interference (RFI)
Reference
ISC2 CBK Material