Physical and Environmental Security Chapter 5 Part 1 Pages 427 to 456.


Physical Security
– Theft
– Vandalism
– Environmental threats
  – Floods, earthquakes, tornadoes, fires
– Power outages

Physical Security
– Most people in information security do not think about physical security
– Many facilities are built with functionality or aesthetics in mind, with less concern for physical security
– A security professional needs to regard security as a holistic process

Physical Security
– Need to evaluate physical security from the standpoint of a potential criminal to remedy vulnerabilities
– Recognize potential for civil suits for not practicing due diligence and due care regarding physical security

Physical Security
– Both safety and security
– Safety
  – Protection of life and assets against fire, natural disasters, and accidents
– Security
  – Vandalism, theft
– Protection of life is primary

Layered Defense
– Fences, walls, security guard, locked rooms
– Deterrence
  – Fences, security guards
– Delaying
  – Locks

Layered Defense
– Detection
  – Smoke detectors, motion detectors
– Response procedure
  – Fire suppression mechanism, law enforcement notification
– Incident Assessment
  – Determine the damage level

Good Security
– Enables employees to do their jobs
– Encourages attackers to move on to easier targets

Planning
– Laws and Regulations
– Risk Analysis
  – Vulnerabilities, Threats, Business Impact
– Acceptable level of risk by management
– Implement countermeasures
– Performance-based approach
  – Metrics of effectiveness (page 433)

CPTED
– Crime Prevention Through Environmental Design
– Different from target hardening
  – Make it a pleasant place
– Hedges and planters should be no more than 2.5 feet high so they cannot be used to gain access to windows.

CPTED
– Data center in center of building
– Natural access control
  – Guidance for people entering and leaving the building
  – Figure 5-2 on page 438
– Natural Surveillance
  – Clear lines of sight to discourage criminals
  – Figure 5-3 on page 441

CPTED
– Natural Territorial Reinforcement
  – Physical design to create a sense of community that must be protected
  – Illegal activities will not be ignored

Designing a Physical Security Program
– Assess the protection levels of existing facilities
– Regulations (e.g. OSHA, EPA)
– Legal issues
– Should have Facility Safety Officer

Facility Site
– Selecting a site (Page 445)
– Example:
  – Telecommunication facility containing critical infrastructure
  – No sign
  – Hard to see from the road

Facility Construction
– Major items that need to be addressed from a physical security point of view.
  – Pages
  – Identify the threats
  – Fire code

Entry Points
– Weakest points are doors and windows
– Also, door hinges
– Doors
  – Hollow-core = kicked-in or cut
  – Solid-core
– Mantraps

Entry Points
– Windows
  – Where security and aesthetics come to blows
  – Standard glass
    – Common in residences
    – Easily broken
  – Window Types on page 452
– Internal Partitions
  – Figure 5-4 on page 453

Computer Room
– Most computer equipment can be controlled remotely. Do not need personnel in data center.
– Only one entry and exit.
– In the core of the building.
– Not in the basement. Flooding.
– Restricted area. Not directly accessible from public areas.

Computer Room
– Away from water pipes.
– Emergency OFF.
– Allow employees to leave before gas fire suppression is released.