
PHYSICAL SECURITY Attacker

Physical Security
Not all attacks on your organization's data come across the network. Many companies focus on “iron-clad” network security, but that does not protect them from physical assault or theft of data.

Physical Security
An example of this would be the recent identity theft incident at the Department of Veterans Affairs, which began with the theft of a company laptop.

Physical Security: Increased importance
Given the trend toward smaller, more lightweight PC components, physical security is growing increasingly important. It’s important to implement a physical access control program in a company and strictly enforce the measures.

Physical Security: Attackers, Two Categories
- Outside the company
- From within the company

Physical Security: Impact of an attack
These attackers can often cause systems to fail, and they can compromise password-protected computers by using a removable hard drive to gain access. Attackers can directly access networks by adding or rearranging the connections, and they can easily steal physical objects if they're already on the inside.

Physical Security: Preventing Outside attackers
a. Natural barriers: landscape and terrain
b. Fencing: type and construction
c. Walls and ceiling construction: high risk areas
d. Gate facilities: security checkpoints

Physical Security: Preventing Outside attackers
e. Frequency of patrols and security checks
f. Door and window locations and security devices used
g. Reception areas: location and control of entry
h. Employee surveillance and vigilance
i. Parking areas: entrance/exit, access to facility

Physical Security
Armed Guards and Bulldogs are a good way to keep out attackers.

Physical Security: Preventing attackers from within
- Ex: Disgruntled or greedy employees or contractors.
- It’s important to implement a physical access control program in a company and strictly enforce the measures.
- If an attacker has physical access to a system, they can wreak havoc.

Physical Security Guidelines for restricting personal access:  Create a badge program that includes an employee picture and possibly color-code specific areas of access.  Make it a policy to question anyone who doesn't have a visible ID badge.  Escort, observe, and supervise guests for their entire visit.

Physical Security Guidelines for restricting personal access:  Don't allow anyone – including vendors, salespeople, etc. – to connect personal laptops (or any other computing device) to the network.  Don't allow anyone to add hardware or software to computers without proper authorization. 0  Watch out for "tailgaters." These people wait for someone with access to enter a controlled area (such as one with a locked door) and then follow the authorized person through the door. Tailgaters enter without using their own key, card key, or lock combination.

Physical Security Enforcement

Physical Security Guidelines for protecting information and equipment access:  Place monitors and printers away from windows and areas where unauthorized persons could easily observe them.  Shred or otherwise destroy all sensitive information and media when it's no longer necessary.  Don't leave documents unattended at fax machines or printers.  Require all users to log off or power down workstations at the end of the working day.

Physical Security Guidelines for protecting information and equipment access:  Lock up portable equipment (e.g., laptops, PDAs, media, memory sticks) out of sight in a safe storage place overnight.  Don't allow the removal of computers or storage media from the work area or facility without ensuring that the person removing it has authorization and a valid reason.  Provide locks or cables to prevent theft, and lock computer cases.

Physical Security

Strong Room

Physical Security: Strong Rooms / Server Room
- This hardware contains highly sensitive information and access privileges that affect a company’s data system.
- Only a select few administrators should have access to this room.

Physical Security: Strong Rooms / Server Room
The room should have increased security mechanisms to prevent unauthorized entry. There should be camera/personnel surveillance on the entrance to ensure security.

Physical Security Enforcement