Join Lisa Bock for an in-depth discussion in this video Ensuring physical protection of buildings and hardware, part of IT Security Foundations: Network Security.
- Physical security is one of the most overlooked forms of security there is today. Any object can be stolen, damaged, destroyed, or observed by an unauthorized individual. Four security principles will help achieve better physical security. Detecting and locating intruders as early as possible. Monitoring and assessment, or determination of the cause of the intrusion. How did they get in? We also want to delay intruders as long as possible.
We don't want them to achieve their goal, and we want to respond quickly to prevent intruders from achieving their ultimate objective. In planning for physical security, we want to design with security in mind. If we take a look here at the designing of a courthouse, this is a federal building. Now, with designing for security in mind, we don't want it to look like a prison or a fortress. We have to keep in mind the aesthetic look of it, while providing security.
It also has to be comfortable, and provide easy access and egress of the individuals that inhabit that building. Along with designing with security in mind, we have to promote security education, training, and awareness. For example, if we put in a keyless entry system, we would also tell those that are using it to notify someone if someone tries to get in without using the keyless entry system. For example, saying they forgot their smartcard, and can I come in without using it? They should be told to go back up to the reception or another authorized individual to obtain entry into the restricted area.
We also want to create an incident response plan. Meaning, what do we do in case of an obvious breach? Who do I call? Who do I notify? What steps do I need to take? Possible physical breach, there will be indications. For example, damage to a door or fence. Was it there before? Has anyone been notified? Missing or unaccountable items, or items that all of a sudden appeared. Why are they there? Does anyone know about this item? And loss of communications not explained by the Internet Service Provider.
We want to follow up with that. What happened? Exterior protection includes physical barriers to slow down a would-be intruder. Now, the gates are one thing, but we also want to include lighting. Sufficient lighting on the exterior of the building. We don't want to have areas where someone could hide or conceal themselves to gain access to restricted areas. Doors. Doors have to have sufficient against them, but we also want to make sure that those that are inside can have easy egress outside in case of an emergency.
And windows. Considerations of the windows include factors such as how high off of the ground should they be? Should they be opened? Would we want to put some kind of bars on those windows? But again, be cautious of those who need to get out in case of an emergency. Alarms on the windows, and do we want some type of diffusion or shading on those windows so someone can't see inside? Inside of the building, and designing for security in mind is one thing, but we also have to take a look at the outside in.
The manholes, grates, and storm drains. Now granted, an organization might not be something that is public, or federal, or a prison. Those are areas that could lead to access inside of your building. Also take a look at roof openings. Are there any? Is anyone able to gain access to the roof, and then get in through somewhere on the roof? Building HVAC systems also should be looked at. Could this be an entry point into the building? And fire escapes and building walls.
Fire escapes are very important in case of a fire. But are they too easy to access by someone on the bottom trying to get into the building? Interior protection includes a number of different components, such as secure rooms, including vaults, or strong rooms. And then we also want to include physical access controls. Those might include sophisticated biometric systems, such as an iris scan, or a fingerprint reader, or other devices such as mechanical or electronic devices.
Any type of mechanism that would stop a would-be attacker from simply traipsing through your building should be in place. Something as simple as a receptionist will slow someone down. When designing for physical security in mind, we have some physical security goals as well. Early detection and location of the intruders is a very important concept. We want to delay those intruders as long as possible from achieving their goal, and responding as quickly as possible to any intrusion attempts, and then afterwards assess or determine the cause of the intrusion to prevent any further breaches.
Note: This training maps to a number of the exam topics on the Microsoft Technology Associate (MTA) Security Fundamentals exam (98-367). See https://www.microsoft.com/learning/en-us/exam-98-367.aspx for more information.
- Implementing secure content management (SCM)
- Implementing unified threat management (UTM)
- Introducing VLANs
- NAT addressing
- Network sniffing
- Understanding common attack methods, such as password attacks
- Protecting clients with antivirus software
- Implementing physical security