Contenu connexe

Similaire à Physical Security.ppt(20)


Physical Security.ppt

  1. Physical Security By: Christian Hudson
  2. Overview  Definition and importance  Components  Layers  Physical Security Briefs  Zones  Implementation
  3. Definition  Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, or institution. This includes protection from fire, theft, vandalism, natural disasters, and terrorism.
  4. Is physical security important?  Significance is underestimated  Breaches in action require no technical background  Accidents and natural disasters are inevitable so preparation is necessary
  5. Components  Accidental and environmental disasters  Placing obstacles  Idea is to confuse attacker, delay serious ones, and attempt to avoid the inevitable  Monitoring and notification systems  Security mechanisms to monitor and detect potential harm or violations  Alarms, security lighting, security guards or closed- circuit television cameras (CCTV)
  6. Components (cont.)  Recovery mechanisms  To repel, catch or frustrate attackers when an attack is detected  Intrusion handling
  7. Layers  Environment Design  First layer of physical protection  Consists of external design void off intruders  May include objects like barbed wire, warning signs, fencing, metal barriers, and site lighting
  8. Layers (cont.)  Mechanical and electronic access control  Prevents intruders or unauthorized users to direct access to physical components  Includes gates, doors and locks
  9. Layers (cont.)
  10. Layers (cont.)  Monitoring system  Less of a preventative measure  Used more for incident verification and analysis  Most common mechanism is CCTVs
  11. Layers (cont.)  Intrusion Detection  Monitors for attacks  Less of a preventative measure  More of an response mechanism  Alarms/Notification
  12. Physical Security Briefs  Security site brief  Security policies used for the framework of preventing the access to a physical setting  Security design brief  Security policies used for the layout or design for a physical entity (may be coding, layout for servers, access control, etc)
  13. Zoning  Public Zone  Public has access to this area of a facility and its surrounding  Examples are facility grounds, elevator lobbies, etc  Reception Zone  Zone which entail the transition from a public zone to a restricted-access area of control  Typically means where the contact of visitors and a department is initiated
  14. Zones (cont.)  Operations Zone  An area where access is limited to personnel who work at facility and to escorted visitors  Production floors and open office areas  Security Zone  An area to which access is limited to authorized personnel and to authorized and escorted visitors  Area where secret information is processed/stored
  15. Layers (cont.)  High Security Zone  An area where access is limited to authorized, appropriately screened personnel and authorized and properly escorted visitors  A general example would be an area where high-value assets are handled by selected personnel
  16. Implementation  State the plan’s purpose  Define the areas, buildings, and other structures considered critical and establish priorities for their protection  Define and establish restrictions on access and movement of critical areas  Categorize restrictions
  17. Questions?
  18. References and Resources  Bishop, Matt. Introduction to Computer Security. Massachusetts: Pearson Education, Inc., 2005.  - security+policy&hl=en&ct=clnk&cd=1&gl=us   ,,sid14_gci11 50976,00.html  security.html