Physical and Environmental Security Chapter 5 Part 2 Pages 457 to 499

Protecting Assets Laptop thefts Cost to replace stolen items – Productivity – Reputation – Cost to restore lost data

Laptop Thefts Page 457 list Tracking software Safe for backups

Electric Power August 2003, 8 east coast states and portions of Canada lost power for several days Need a plan for fall back for storms, hardware failure, lightning and other disruptions of power

UPS Uninterrupted Power Supply Figure 5-6 on page 460 Standby UPS – Inactive until power failure – Switch to battery pack Online UPS Systems – AC Voltage line charges, constantly provide power – Most faster than standby

UPS Some just provide enough power to gracefully shutdown Others will allow systems to run for a longer period of time. Should be tested periodically

Line Noise Figure 5-7 on page 461 RFI – Radio Frequency Interference EMI – Electromagnetic Interference

Voltage Fluctuations Page 462 list When an electrical device is turned on it can draw a large amount of current (in-rush current). This can cause a sag in current for surrounding devices. It is a good idea to have the data center on a different wiring segment

Voltage Fluctuations Surge – A common problem – Storms, lightning – Surge protector Blackout – Voltage drops to zero Brownout – High demand such as a heatwave

Voltage Fluctuations Voltage regulators and line conditioners to ensure clean and smooth distribution of power. Figure 5-8 on page 464 List on page 465

Shutoff Valves Figure 5-9 on page465 Gas – in case of fire Water – in case of water pipe break

Environment & Electronic Equipment High humidity – corrosion Low humidity – static electricity – Spark from your finger several thousand volts – Winter and dry climates – Preventive step on page 467

Environment & Electronic Equipment Low Temperature – stop working High Temperature – Table 5-1 on page 466 Ventilation – Closed-loop filters and recycles air Positive pressurization – outside air does not enter Dust – clogs up fans

Fire Fire Prevention – Train employees to react properly when faced with a fire

Fire Detection Ignition – Combustible materials, malfunctioning heating devices, arson Computer systems are not combustible Electric fires are caused by overheating of wire insulation or overheating of electrical components that ignite surrounding plastic

Fire Detection Smoke activates – Figure 5-11 on page 470 Heat activated – Fixed Temperature – Rate-of-rise of temperature Quicker, more false positives Figure 5-12 on page 471 – Where the wiring is

Fire Suppression Page 472 – Figure 5-2 Page 473 – Figure 5-3 – Halon has not been manufactured since 1992 HVAC should shutdown in case of fire so smoke is not spread throughout the building

Water Sprinklers In a electrical fire, water can increase the intensity of the fire because it can work as a conductor for electricity Wet pipe – water in pipe Dry pipe – water in holding tank until it is released Preaction – Not held in pipe. Released when pressurized air within the pipe is reduced.

Perimeter Security Layered Defense Figure on page 476 Two modes 1.When the facility is open 2.When the facility is closed

Facility Access Control “Having personnel in sensitive areas is one of the best security controls because they can personally detect suspicious behavior.” Entrances and Exits – Figure 15-4 on page 417

Locks Locks can be picked or broken. Ward Lock – Figure 5-16 on page 479 Tumbler Lock – Figure 5-17 on page 479 Combination Lock Cipher Lock – Use keypad

Administrative Responsibility Key maintenance and procedures Lock choice Master Key, Submaster keys, individual keys

Circumventing Locks Tension wrench – Holds down internal cylinders while figuring out next cylinder

Personnel Access Control Identification of person attempting to access the facility – Biometric – Smart Card – Photo ID – Key – Card with PIN or Password Piggybacking

External Boundary Protection Bullets on pages Fences – Height (Pages 485-6) – Gauge and Mesh (Page 486) – Classification (Page 487) Bollards – Small concrete pillars

Lighting Unlit parking areas invite car break ins and attacking employees. Higher wattage more illumination. If the area has clean concrete and light- colored painted surfaces, then not as much illumination is required. Direct lighting toward where intruders will come from and away from security forces.

Lighting Direct lighting toward where intruders will come from and away from security forces. (glare protection). Responsive illumination – When IDS detects suspicious activity. – Turn on CCTV cameras to scan for intruders. Protect against lights being turned off or power cut to them.

Surveillance Devices Closed –Circuit TV (CCTV) – Figure 5-10 on page 491 – Considerations for purchase Internal or External Areas Large or small area Lit, unlit, sunlight – Charged-coupled devices (CCD) Light to electronic signals Extraordinary details

CCTV “When both wide scenes and close-up captures are needed, zoom lens is best.”

Intrusion Detection Systems Sense changes in the environment Perimeter scanning device – Figure 5-22 on page 494 Strip of foil embedded in a window Pressure pad under a carpet Photoelectric system detects change in a light beam

Security Guards – Costly – Screening is important – Need to be trained Dogs – Detect intruders – Hearing and sight outperforms humans