Published by Douglas Hart. Modified over 9 years ago.

Physical and Environmental Security
Chapter 5 Part 1
Pages 427 to 456

Physical Security
Theft
Vandalism
Environmental threats – Floods, earthquakes, tornadoes, fires
Power outages

Physical Security
Most people in information security do not think about physical security
Many facilities are built with functionality or aesthetics in mind with not as much concern for physical security
A security professional needs to regard security as a holistic process

Physical Security
Need to evaluate physical security from the standpoint of a potential criminal to remedy vulnerabilities
Recognize potential for civil suits for not practicing due diligence and due care regarding physical security

Physical Security
Both safety and security
Safety – Protection of life and assets against fire, natural disasters, and accidents
Security – Vandalism, theft
Protection of life is primary

Layered Defense
Fences, walls, security guard, locked rooms
Deterrence – Fences, security guards
Delaying – Locks

Layered Defense
Detection – Smoke detectors, motion detectors
Response procedure – Fire suppression mechanism, law enforcement notification
Incident Assessment – Determine the damage level

Good Security
Enables employees to do their jobs
Encourages attackers to move on to easier targets

Planning
Laws and Regulations
Risk Analysis – Vulnerabilities, Threats, Business Impact
Acceptable level of risk by management
Implement countermeasures
Performance based approach – Metrics of effectiveness (page 433)

CPTED
Crime Prevention Through Environmental Design
Different from target hardening – Make it a pleasant place
Hedges and planters should be no more than 2.5 feet high so they cannot be used to gain access to windows.

CPTED
Data center in center of building
Natural access control
  – Guidance for people entering and leaving the building
  – Figure 5-2 on page 438
Natural Surveillance
  – Clear lines of sight to discourage criminals
  – Figure 5.3 on page 441

CPTED
Natural Territorial Reinforcement
  – Physical design to create a sense of community that must be protected
  – Illegal activities will not be ignored

Designing a Physical Security Program
Assess the protection levels of existing facilities
Regulations (e.g. OSHA, EPA)
Legal issues
Should have Facility Safety Officer

Facility Site
Selecting a site (Page 445)
Example:
  – Telecommunication facility containing critical infrastructure
    No sign
    Hard to see from the road

Facility Construction
Major items that need to be addressed from a physical security point of view.
  – Pages 446-448
  – Identify the threats
  – Fire code

Entry Points
Weakest points are doors and windows
Also, door hinges
Doors
  – Hollow-core = kicked-in or cut
  – Solid-core
Mantraps

Entry Points
Windows
  – Where security and aesthetics come to blows
  – Standard glass
    Common in residences
    Easily broken
  – Window Types on page 452
Internal Partitions
  – Figure 5-4 on page 453

Computer Room
Most computer equipment can be controlled remotely.
Do not need personnel in data center.
Only one entry and exit.
In the core of the building.
Not in the basement. Flooding.
Restricted area.
Not directly accessible from public areas.

Computer Room
Away from water pipes.
Emergency OFF.
Allow employees to leave before gas fire suppression is released.