SlideShare ist ein Scribd-Unternehmen logo

Physical security.ppt

Als PPS, PDF herunterladen
Faheem Ul Hasan
Faheem Ul Hasan

Physical Security & IT

BildungBusinessTechnologie
1 von 20
PHYSICAL SECURITY Attacker
Physical Security Not all attacks on your organization' data come across the network Many companies focus on an “iron-clad” network security, but that does not protect them from physical assault or theft of data.
Physical Security  An example of this would be the recent identity theft incident at the Department of Veterans Affairs, which began with the theft of a company laptop.
Physical Security  Increased importance  Given the trend toward smaller, more lightweight PC components, physical security is growing increasingly important.  It’s important to implement a physical access control program in a company and strictly enforce the measures.
Physical Security  Attackers : Two Categories  Outside the company  From within the company
Physical Security Impact of an attack  These attackers can often cause systems to fail, and they can compromise password-protected computers by using a removable hard drive to gain access.  Attackers can directly access networks by adding or rearranging the connections, and they can easily steal physical objects if they're already on the inside.
Physical Security  Preventing Outside attackers  Natural barriers: landscape and terrain  Fencing: type and construction  Walls and ceiling construction: high risk areas  Gate facilities: security checkpoints
Physical Security  Preventing Outside attackers  Frequency of patrols and security checks  Door and window locations and security devices used  Reception areas: location and control of entry  Employee surveillance and vigilance  Parking areas: entrance/exit, access to facility
Physical Security Armed Guards and Bulldogs are a good way to keep out attackers.
Physical Security Preventing attackers from within  Ex: Disgruntled or greedy employers or contactors.  It’s important to implement a physical access control program in a company and strictly enforce the measures.  If an attacker has physical access to a system they can wreak havoc.
Physical Security Guidelines for restricting personal access:  Create a badge program that includes an employee picture and possibly color-code specific areas of access.  Make it a policy to question anyone who doesn't have a visible ID badge.  Escort, observe, and supervise guests for their entire visit.
Physical Security Guidelines for restricting personal access:  Don't allow anyone – including vendors, salespeople, etc. – to connect personal laptops (or any other computing device) to the network.  Don't allow anyone to add hardware or software to computers without proper authorization.  Watch out for "tailgaters." These people wait for someone with access to enter a controlled area (such as one with a locked door) and then follow the authorized person through the door. Tailgaters enter without using their own key, card key, or lock combination.
Physical Security Enforcement
Physical Security Guidelines for protecting information and equipment access:  Place monitors and printers away from windows and areas where unauthorized persons could easily observe them.  Shred or otherwise destroy all sensitive information and media when it's no longer necessary.  Don't leave documents unattended at fax machines or printers.  Require all users to log off or power down workstations at the end of the working day.
Physical Security Guidelines for protecting information and equipment access:  Lock up portable equipment (e.g., laptops, PDAs, media, memory sticks) out of sight in a safe storage place overnight.  Don't allow the removal of computers or storage media from the work area or facility without ensuring that the person removing it has authorization and a valid reason.  Provide locks or cables to prevent theft, and lock computer cases.
Physical Security
Physical Security Strong Room
Physical Security Strong Rooms / Server Room  This hardware contains highly sensitive information and access privileges that affect a company’s data system.  Only a select few administrators should have access to this room.
Physical Security Strong Rooms / Server Room  The room should have increased security mechanisms to prevent unauthorized entry.  There should be camera/personnel surveillance on the entrance to ensure security.
Physical Security Enforcement

Empfohlen

Physical Security Presentation
Physical Security PresentationPhysical Security Presentation
Physical Security Presentation
Wajahat Rajab
 
Physical Security Assessments
Physical Security AssessmentsPhysical Security Assessments
Physical Security Assessments
Tom Eston
 
Physical Security
Physical SecurityPhysical Security
Physical Security
Kriscila Yumul
 
Physical security
Physical securityPhysical security
Physical security
Tariq Mahmood
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
jayashri kolekar
 
7. physical sec
7. physical sec7. physical sec
7. physical sec
7wounders
 
Physical security
Physical securityPhysical security
Physical security
Dhani Ahmad
 
Physical Security In The Workplace
Physical Security In The WorkplacePhysical Security In The Workplace
Physical Security In The Workplace
dougfarre
 

Empfohlen

Physical Security Presentation
Physical Security PresentationPhysical Security Presentation
Physical Security Presentation
Wajahat Rajab
 
Physical Security Assessments
Physical Security AssessmentsPhysical Security Assessments
Physical Security Assessments
Tom Eston
 
Physical Security
Physical SecurityPhysical Security
Physical Security
Kriscila Yumul
 
Physical security
Physical securityPhysical security
Physical security
Tariq Mahmood
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
jayashri kolekar
 
7. physical sec
7. physical sec7. physical sec
7. physical sec
7wounders
 
Physical security
Physical securityPhysical security
Physical security
Dhani Ahmad
 
Physical Security In The Workplace
Physical Security In The WorkplacePhysical Security In The Workplace
Physical Security In The Workplace
dougfarre
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
InformationSecurity
InformationSecurityInformationSecurity
InformationSecurity
learnt
 
6 Physical Security
6 Physical Security6 Physical Security
6 Physical Security
Alfred Ouyang
 
Security Management Practices
Security Management PracticesSecurity Management Practices
Security Management Practices
amiable_indian
 
Physical Security Assessment
Physical Security AssessmentPhysical Security Assessment
Physical Security Assessment
Faheem Ul Hasan
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
Daniel P Wallace
 
Physical Security Assessment
Physical Security AssessmentPhysical Security Assessment
Physical Security Assessment
Gary Bahadur
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
Michael Nickle
 
Employee Security Training[1]@
Employee Security Training[1]@Employee Security Training[1]@
Employee Security Training[1]@
R_Yanus
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Security
belsis
 
Information security
Information securityInformation security
Information security
avinashbalakrishnan2
 
Security risk management
Security risk managementSecurity risk management
Security risk management
G Prachi
 
Physical access control
Physical access controlPhysical access control
Physical access control
Ahsin Yousaf
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security
elmuhammadmuhammad
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
OoXair
 
Cia security model
Cia security modelCia security model
Cia security model
Imran Ahmed
 
Incident response
Incident responseIncident response
Incident response
Anshul Gupta
 
Module 10 Physical Security
Module 10 Physical SecurityModule 10 Physical Security
Module 10 Physical Security
leminhvuong
 
Information security
Information security Information security
Information security
razendar79
 
Physical Security Domain
Physical Security DomainPhysical Security Domain
Physical Security Domain
amiable_indian
 
9 Bcp+Drp
9 Bcp+Drp9 Bcp+Drp
9 Bcp+Drp
Alfred Ouyang
 
5 Cryptography Part2
5 Cryptography Part25 Cryptography Part2
5 Cryptography Part2
Alfred Ouyang
 

Weitere ähnliche Inhalte

Was ist angesagt?

InformationSecurity
InformationSecurityInformationSecurity
InformationSecurity
learnt
 
Employee Security Training[1]@
Employee Security Training[1]@Employee Security Training[1]@
Employee Security Training[1]@
R_Yanus
 
Module 10 Physical Security
Module 10 Physical SecurityModule 10 Physical Security
Module 10 Physical Security
leminhvuong
 

Was ist angesagt? (20)

Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
InformationSecurity
InformationSecurityInformationSecurity
InformationSecurity
 
6 Physical Security
6 Physical Security6 Physical Security
6 Physical Security
 
Security Management Practices
Security Management PracticesSecurity Management Practices
Security Management Practices
 
Physical Security Assessment
Physical Security AssessmentPhysical Security Assessment
Physical Security Assessment
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Physical Security Assessment
Physical Security AssessmentPhysical Security Assessment
Physical Security Assessment
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations Center
 
Employee Security Training[1]@
Employee Security Training[1]@Employee Security Training[1]@
Employee Security Training[1]@
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Security
 
Information security
Information securityInformation security
Information security
 
Security risk management
Security risk managementSecurity risk management
Security risk management
 
Physical access control
Physical access controlPhysical access control
Physical access control
 
chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security chapter 1. Introduction to Information Security
chapter 1. Introduction to Information Security
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
 
Cia security model
Cia security modelCia security model
Cia security model
 
Incident response
Incident responseIncident response
Incident response
 
Module 10 Physical Security
Module 10 Physical SecurityModule 10 Physical Security
Module 10 Physical Security
 
Information security
Information security Information security
Information security
 
Physical Security Domain
Physical Security DomainPhysical Security Domain
Physical Security Domain
 

Andere mochten auch

Andere mochten auch (6)

9 Bcp+Drp
9 Bcp+Drp9 Bcp+Drp
9 Bcp+Drp
 
5 Cryptography Part2
5 Cryptography Part25 Cryptography Part2
5 Cryptography Part2
 
10 Legal+Compliance+Investigation
10 Legal+Compliance+Investigation10 Legal+Compliance+Investigation
10 Legal+Compliance+Investigation
 
7 Software Development Security
7 Software Development Security7 Software Development Security
7 Software Development Security
 
8 Access Control
8 Access Control8 Access Control
8 Access Control
 
5 Cryptography Part1
5 Cryptography Part15 Cryptography Part1
5 Cryptography Part1
 

Ähnlich wie Physical security.ppt

Basic security concepts_chapter_1_6perpage
Basic security concepts_chapter_1_6perpageBasic security concepts_chapter_1_6perpage
Basic security concepts_chapter_1_6perpage
nakomuri
 
Physical security.docx
Physical security.docxPhysical security.docx
Physical security.docx
MVNVKUMAR
 
Physical security is a fundamental component of any secure infrastru.pdf
Physical security is a fundamental component of any secure infrastru.pdfPhysical security is a fundamental component of any secure infrastru.pdf
Physical security is a fundamental component of any secure infrastru.pdf
feelinggift
 
now a days security is very important to organization and physical s.pdf
now a days security is very important to organization and physical s.pdfnow a days security is very important to organization and physical s.pdf
now a days security is very important to organization and physical s.pdf
sooryasalini
 
Security Audits & Cyber
Security Audits & CyberSecurity Audits & Cyber
Security Audits & Cyber
Paul Andrews
 

Ähnlich wie Physical security.ppt (20)

Secure physical infrastructure
Secure physical infrastructureSecure physical infrastructure
Secure physical infrastructure
 
Information security and other issues
Information security and other issuesInformation security and other issues
Information security and other issues
 
INFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEMINFORMATION SECURITY SYSTEM
INFORMATION SECURITY SYSTEM
 
Basic security concepts_chapter_1_6perpage
Basic security concepts_chapter_1_6perpageBasic security concepts_chapter_1_6perpage
Basic security concepts_chapter_1_6perpage
 
Ethical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptxEthical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptx
 
Physical security.docx
Physical security.docxPhysical security.docx
Physical security.docx
 
Physical security is a fundamental component of any secure infrastru.pdf
Physical security is a fundamental component of any secure infrastru.pdfPhysical security is a fundamental component of any secure infrastru.pdf
Physical security is a fundamental component of any secure infrastru.pdf
 
SECURITY CONTROLS
SECURITY CONTROLSSECURITY CONTROLS
SECURITY CONTROLS
 
now a days security is very important to organization and physical s.pdf
now a days security is very important to organization and physical s.pdfnow a days security is very important to organization and physical s.pdf
now a days security is very important to organization and physical s.pdf
 
Remote access security services are crucial for several reasons_.pdf
Remote access security services are crucial for several reasons_.pdfRemote access security services are crucial for several reasons_.pdf
Remote access security services are crucial for several reasons_.pdf
 
Security Audits & Cyber
Security Audits & CyberSecurity Audits & Cyber
Security Audits & Cyber
 
Security Audits & Cyber
Security Audits & CyberSecurity Audits & Cyber
Security Audits & Cyber
 
Managing IT Security
Managing IT SecurityManaging IT Security
Managing IT Security
 
Security of IOT,OT And IT.pptx
Security of IOT,OT And IT.pptxSecurity of IOT,OT And IT.pptx
Security of IOT,OT And IT.pptx
 
Securing Management Information Systems.ppt
Securing Management Information Systems.pptSecuring Management Information Systems.ppt
Securing Management Information Systems.ppt
 
08 -Securing Information Systems at workplace.ppt
08 -Securing Information Systems at workplace.ppt08 -Securing Information Systems at workplace.ppt
08 -Securing Information Systems at workplace.ppt
 
A network security policy group project unit 4 (1) july 2015
A network security policy group project unit 4 (1) july 2015A network security policy group project unit 4 (1) july 2015
A network security policy group project unit 4 (1) july 2015
 
information security (network security methods)
information security (network security methods)information security (network security methods)
information security (network security methods)
 
Information security ist lecture
Information security ist lectureInformation security ist lecture
Information security ist lecture
 
P3
P3P3
P3
 

Mehr von Faheem Ul Hasan

Workplace Safety And Security Hotel.Ppt
Workplace Safety And Security Hotel.PptWorkplace Safety And Security Hotel.Ppt
Workplace Safety And Security Hotel.Ppt
Faheem Ul Hasan
 
Terrorism And Its Hazards
Terrorism And Its HazardsTerrorism And Its Hazards
Terrorism And Its Hazards
Faheem Ul Hasan
 
Terrorism A Global Threat
Terrorism A Global ThreatTerrorism A Global Threat
Terrorism A Global Threat
Faheem Ul Hasan
 
Safety & Security Hotel
Safety & Security HotelSafety & Security Hotel
Safety & Security Hotel
Faheem Ul Hasan
 
Fundamentals Of Fire Extinguishers
Fundamentals Of Fire ExtinguishersFundamentals Of Fire Extinguishers
Fundamentals Of Fire Extinguishers
Faheem Ul Hasan
 
Chemical Suicides Presentation
Chemical Suicides PresentationChemical Suicides Presentation
Chemical Suicides Presentation
Faheem Ul Hasan
 
South Asia Intelligence Report
South Asia Intelligence ReportSouth Asia Intelligence Report
South Asia Intelligence Report
Faheem Ul Hasan
 
W Kplace Violence & Security Presentation
W Kplace Violence & Security PresentationW Kplace Violence & Security Presentation
W Kplace Violence & Security Presentation
Faheem Ul Hasan
 

Mehr von Faheem Ul Hasan (20)

PATROLLING
PATROLLINGPATROLLING
PATROLLING
 
Bomb threat checklist
Bomb threat checklistBomb threat checklist
Bomb threat checklist
 
Workplace Safety And Security Hotel.Ppt
Workplace Safety And Security Hotel.PptWorkplace Safety And Security Hotel.Ppt
Workplace Safety And Security Hotel.Ppt
 
Guarding Against Robbery & Assault
Guarding Against Robbery & AssaultGuarding Against Robbery & Assault
Guarding Against Robbery & Assault
 
Security Training Incident Investigation And Report Writing.Ppt
Security Training Incident Investigation And Report Writing.PptSecurity Training Incident Investigation And Report Writing.Ppt
Security Training Incident Investigation And Report Writing.Ppt
 
Terrorism And Its Hazards
Terrorism And Its HazardsTerrorism And Its Hazards
Terrorism And Its Hazards
 
Terrorism A Global Threat
Terrorism A Global ThreatTerrorism A Global Threat
Terrorism A Global Threat
 
Safety & Security Hotel
Safety & Security HotelSafety & Security Hotel
Safety & Security Hotel
 
Fundamentals Of Fire Extinguishers
Fundamentals Of Fire ExtinguishersFundamentals Of Fire Extinguishers
Fundamentals Of Fire Extinguishers
 
Fire Exinguisher
Fire ExinguisherFire Exinguisher
Fire Exinguisher
 
Fire Extinguisher How To Used
Fire Extinguisher How To UsedFire Extinguisher How To Used
Fire Extinguisher How To Used
 
Terrorism South Asia
Terrorism South AsiaTerrorism South Asia
Terrorism South Asia
 
Chemical Suicides Presentation
Chemical Suicides PresentationChemical Suicides Presentation
Chemical Suicides Presentation
 
Risk Advisory
Risk AdvisoryRisk Advisory
Risk Advisory
 
South Asia Intelligence Report
South Asia Intelligence ReportSouth Asia Intelligence Report
South Asia Intelligence Report
 
Global Terrorism
Global TerrorismGlobal Terrorism
Global Terrorism
 
Terrorism Update
Terrorism UpdateTerrorism Update
Terrorism Update
 
Khyber Assessment 2011
Khyber Assessment 2011Khyber Assessment 2011
Khyber Assessment 2011
 
Travel Risk Advisory
Travel Risk AdvisoryTravel Risk Advisory
Travel Risk Advisory
 
W Kplace Violence & Security Presentation
W Kplace Violence & Security PresentationW Kplace Violence & Security Presentation
W Kplace Violence & Security Presentation
 

Kürzlich hochgeladen

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
 

Kürzlich hochgeladen (20)

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxSKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
Asian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptxAsian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptx
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptx
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
SOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning PresentationSOC 101 Demonstration of Learning Presentation
SOC 101 Demonstration of Learning Presentation
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 

Physical security.ppt

  • 2. Physical Security Not all attacks on your organization' data come across the network Many companies focus on an “iron-clad” network security, but that does not protect them from physical assault or theft of data.
  • 3. Physical Security  An example of this would be the recent identity theft incident at the Department of Veterans Affairs, which began with the theft of a company laptop.
  • 4. Physical Security  Increased importance  Given the trend toward smaller, more lightweight PC components, physical security is growing increasingly important.  It’s important to implement a physical access control program in a company and strictly enforce the measures.
  • 5. Physical Security  Attackers : Two Categories  Outside the company  From within the company
  • 6. Physical Security Impact of an attack  These attackers can often cause systems to fail, and they can compromise password-protected computers by using a removable hard drive to gain access.  Attackers can directly access networks by adding or rearranging the connections, and they can easily steal physical objects if they're already on the inside.
  • 7. Physical Security  Preventing Outside attackers  Natural barriers: landscape and terrain  Fencing: type and construction  Walls and ceiling construction: high risk areas  Gate facilities: security checkpoints
  • 8. Physical Security  Preventing Outside attackers  Frequency of patrols and security checks  Door and window locations and security devices used  Reception areas: location and control of entry  Employee surveillance and vigilance  Parking areas: entrance/exit, access to facility
  • 9. Physical Security Armed Guards and Bulldogs are a good way to keep out attackers.
  • 10. Physical Security Preventing attackers from within  Ex: Disgruntled or greedy employers or contactors.  It’s important to implement a physical access control program in a company and strictly enforce the measures.  If an attacker has physical access to a system they can wreak havoc.
  • 11. Physical Security Guidelines for restricting personal access:  Create a badge program that includes an employee picture and possibly color-code specific areas of access.  Make it a policy to question anyone who doesn't have a visible ID badge.  Escort, observe, and supervise guests for their entire visit.
  • 12. Physical Security Guidelines for restricting personal access:  Don't allow anyone – including vendors, salespeople, etc. – to connect personal laptops (or any other computing device) to the network.  Don't allow anyone to add hardware or software to computers without proper authorization.  Watch out for "tailgaters." These people wait for someone with access to enter a controlled area (such as one with a locked door) and then follow the authorized person through the door. Tailgaters enter without using their own key, card key, or lock combination.
  • 14. Physical Security Guidelines for protecting information and equipment access:  Place monitors and printers away from windows and areas where unauthorized persons could easily observe them.  Shred or otherwise destroy all sensitive information and media when it's no longer necessary.  Don't leave documents unattended at fax machines or printers.  Require all users to log off or power down workstations at the end of the working day.
  • 15. Physical Security Guidelines for protecting information and equipment access:  Lock up portable equipment (e.g., laptops, PDAs, media, memory sticks) out of sight in a safe storage place overnight.  Don't allow the removal of computers or storage media from the work area or facility without ensuring that the person removing it has authorization and a valid reason.  Provide locks or cables to prevent theft, and lock computer cases.
  • 17. Physical Security Strong Room
  • 18. Physical Security Strong Rooms / Server Room  This hardware contains highly sensitive information and access privileges that affect a company’s data system.  Only a select few administrators should have access to this room.
  • 19. Physical Security Strong Rooms / Server Room  The room should have increased security mechanisms to prevent unauthorized entry.  There should be camera/personnel surveillance on the entrance to ensure security.