Physical Security Presentation

Wajahat Rajab, CISSP, CHFI, CEH, ENSA at Trillium Information Security Systems
Physical Security
Muhammad Wajahat Rajab
Domain overview
• The domain addresses...
– Threats,
– Vulnerabilities
– Countermeasures
• Focuses on protecting enterprise resources…
– People
– Data
– Facility
– Equipment
CISSP expectations
• A candidate must know elements involved in…
– Choosing a secure site
– Design and configuration of a site
– Securing the facility against
• Unauthorized access
• Theft of equipment and information
– Environmental and safety measures needed to protect
• People
• Facility
• Equipment
Point to ponder
• Does compliance ensure security?
Basics
What is vulnerability?
What is threat?
What is risk?
Err… Security
• What is Security?
Physical security
• Measures to safeguard and protect against:
– Damage
– Loss
– Theft
CIA triad
• Risks to CIA
– Interruptions in providing computer services?
– Physical damage?
– Unauthorized disclosure of information?
– Loss of control over information?
– Physical theft?
Categories of threats
Important
• In any case nothing should impede life safety goals!
Physical controls
• Implement physical security
• Where are they needed?
– At perimeter and building grounds
– At building entry points
– Inside the building
• Offices / Rooms
– For data centers or server room security
– Computer equipment protection
Choosing a Secure Site
Visibility
• Low or high visibility?
• Types of neighbors
• Markings on the building
Local considerations
• Near hazardous waste dump area
• In flood control plain area
• Local crime rate
• Riots
• Strike prone area
Natural disasters
• Weather related problems
• Tornadoes
• Heavy snow
• Earthquake zone
Transportation
• Excessive highway, air, or road traffic in area
• How many bridges?
Joint tenancy
• Shared HVAC and environmental controls
External services
• Proximity to…
– Local fire facilities
– Police
– Hospital/Medical Facilities
Layered defense model
Implementation
• Security breach alarms
• On-premises security officers
• Server operations monitoring
• Early warning smoke detectors
• Redundant HVAC equipment
• UPS and backup generators
• Seismically braced server racks
• Biometric access and exit sensors
• Continuous video surveillance
• Electronic motion sensors
Implementation (2)
Designing a secure site
Walls
• All walls must have acceptable fire rating
– Floor to ceiling
• Any closets storing media must also have acceptable
fire rating
Ceiling
• Can they bear the right weight?
• Acceptable fire rating
Floors
• Slab
– 150 pounds per square foot weight bearing
• Raised
– Concerned with
• Fire rating
• Electrical conductivity
– Employ non conducting surface material in data center!
Doors
• Must resist forced entry
• Solid or hollow?
• Hinges hidden, internal or fixed
• Fire rating equivalent to that of adjacent wall
• Emergency exits must be...
– Clearly marked
– Monitored
– Alarmed
• Electrical doors
– Fail safe or fail secure?
Windows
• Should prevent any viewing…
• Windows in data center?
• Windows types…
Standard glass
Tempered glass
Acrylic glass
Wired mesh glass
Solar window film
Security film
Keep an eye on…
• Sprinkler systems
– Location and type must be known
• Water and gas pipelines
– Location of the shut off valves must be known
– Water, steam and gas lines should have positive drains
• Flow outward and away from the building!
• Air conditioning
– Dedicated power for data centers
– EPO switch should be known
– Provide outward positive air pressure
– Prevent intake of potential toxins into the facility
Facility security management
Audit logs
• Identify entry attempts and who attempted them
• Preventive or detective controls?
– Date and time of access attempt
– Whether the attempt was successful or not
– Where the access was granted (i.e. which door)
– Who attempted the access
– Who modified the access privileges at the supervisor level
– Can send alarms or alerts if required
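The audit-log fields listed above, put to work in a small review script. This is an added example, not part of the original slides; the CSV layout, door and badge names, the 3-denials-in-5-minutes rule and the 07:00-18:59 working hours are all assumptions chosen for illustration.

```python
import csv
import io
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (not from the presentation). Columns mirror the slide:
# when, which door, who, what kind of event, and the outcome.
SAMPLE_LOG = """\
timestamp,door,subject,event,outcome
2024-03-04T08:01:10,lobby,badge-1001,access,granted
2024-03-04T08:02:00,server-room,badge-2002,access,denied
2024-03-04T08:02:20,server-room,badge-2002,access,denied
2024-03-04T08:02:45,server-room,badge-2002,access,denied
2024-03-04T08:10:00,server-room,supervisor-7,privilege_change,badge-2002:+server-room
2024-03-04T08:12:30,server-room,badge-2002,access,granted
2024-03-04T23:40:00,server-room,badge-1001,access,granted
2024-03-04T23:41:00,lobby,badge-3003,access,
"""

REQUIRED = ("timestamp", "door", "subject", "event", "outcome")
DENIAL_THRESHOLD = 3                    # assumed policy value
DENIAL_WINDOW = timedelta(minutes=5)    # assumed policy value
RESTRICTED_DOORS = {"server-room"}      # assumed door name
WORK_HOURS = range(7, 19)               # assumed 07:00-18:59 local time


def parse(text):
    """Yield (record, error). Incomplete or unparsable rows are reported, never dropped."""
    for line_no, row in enumerate(csv.DictReader(io.StringIO(text)), start=2):
        if not all(row.get(field) for field in REQUIRED):
            yield None, f"line {line_no}: missing field"
            continue
        try:
            row["timestamp"] = datetime.fromisoformat(row["timestamp"])
        except ValueError:
            yield None, f"line {line_no}: bad timestamp"
            continue
        yield row, None


def review(text):
    """Return a list of (alert_kind, detail) tuples in log order."""
    alerts = []
    denials = defaultdict(deque)  # (subject, door) -> recent denial times
    for rec, err in parse(text):
        if err:
            alerts.append(("MALFORMED", err))
            continue
        ts, door, who = rec["timestamp"], rec["door"], rec["subject"]
        stamp = ts.isoformat()
        if rec["event"] == "privilege_change":
            # Who modified access privileges is always surfaced for review.
            alerts.append(("PRIVILEGE_CHANGE", f"{stamp} {who} set {rec['outcome']}"))
        elif rec["outcome"] == "denied":
            window = denials[(who, door)]
            window.append(ts)
            # Drop denials that fell out of the sliding window.
            while ts - window[0] > DENIAL_WINDOW:
                window.popleft()
            # Alert once, when the threshold is first reached.
            if len(window) == DENIAL_THRESHOLD:
                alerts.append(("REPEATED_DENIALS", f"{stamp} {who} at {door}"))
        elif (rec["outcome"] == "granted" and door in RESTRICTED_DOORS
              and ts.hour not in WORK_HOURS):
            alerts.append(("AFTER_HOURS", f"{stamp} {who} entered {door}"))
    return alerts


if __name__ == "__main__":
    for kind, detail in review(SAMPLE_LOG):
        print(f"{kind:17} {detail}")
```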
Emergency procedures
• Should be clearly documented and readily accessible
• Copies should be stored offsite in the event of a
disaster
• Should be updated periodically
• Should include the following…
– Emergency system shutdown procedures
– Evacuation procedures
– Employee training, awareness programs, and periodic drills
• Fire drills
– Periodic equipment and systems tests
Administrative personnel controls
Pre-employment screening
• Employment, references and educational history
checks
• Background investigation and/or credit rating checks
for sensitive positions
On-going employee checks
• Security clearances
• Ongoing employee ratings or reviews by supervisors
Post-employment procedures
• Exit interview, removal of network access, return of
computers, etc.
Environmental and life safety controls
Environmental control areas
• Electrical Power
• Fire Detection and Suppression
• Heating, Ventilation and Air Conditioning (HVAC)
Electrical power
• Disruptions in electrical power can have a serious
business impact
• Goals…
– Clean and steady power
– Excellent power quality
• Design considerations…
– Dedicated feeders
– Alternate power source
– Access controls
• Secure breaker and transformer rooms
Electrical power threats
• Electrical noise
• Anomalies
• Electrostatic discharge
Electrical noise
• Random disturbance interfering with devices
– EMI and RFI
• Caused by…
– Components of electrical system
– Fluorescent lighting, Truck ignitions
• Can cause permanent damage to sensitive
components in a system!
Types of EMI noise
• Common mode noise
– Noise from radiation generated by the difference between
the “Hot” and “Ground” wires
• Transverse mode noise
– Noise from radiation generated by the difference between
the “Hot” and “Neutral” wires
Protective measures for noise
• Proper line conditioning
• Proper grounding of the system to earth
• Cable shielding
• Limited exposure to magnets, electrical motors, and
fluorescent lights
Electrical anomalies
• Power excess
– Spike – Momentary high voltage
– Surge – Prolonged high voltage
• Power loss
– Fault – Momentary power outage
– Blackout – Complete loss of power
• Power degradation
– Sag/dip – Momentary low voltage condition for few
seconds
– Brownout – Prolonged low voltage power supply
Electrical anomalies
• Transients
– Line noise that is superimposed on the supply circuit can
cause fluctuation in power
• Inrush current
– Initial surge of current required to start a load
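The excess, loss and degradation terms above, applied to a sampled voltage trace. This is an added example, not part of the original slides; the 120 V nominal supply, the ±10% band, the 12 V outage level and the 3-second boundary between "momentary" and "prolonged" are assumptions, since the slides define the terms without numbers. A decay through the low band into an outage is reported as one power-loss event rather than a sag followed by a blackout.

```python
from itertools import groupby

# Assumed thresholds for a 120 V nominal supply (illustration only).
HIGH_V = 132.0      # assumed: above nominal +10% is power excess
LOW_V = 108.0       # assumed: below nominal -10% is power degradation
LOSS_V = 12.0       # assumed: below 10% of nominal is power loss
MOMENTARY_S = 3.0   # assumed boundary between momentary and prolonged

# (category, is_momentary) -> term used on the slide
TERMS = {
    ("excess", True): "spike",
    ("excess", False): "surge",
    ("loss", True): "fault",
    ("loss", False): "blackout",
    ("degradation", True): "sag",
    ("degradation", False): "brownout",
}

# Constructed trace, one voltage reading per second (not measured data).
TRACE = [
    120, 121, 170, 119, 120,             # one-sample overvoltage
    100, 101, 120,                       # two-sample dip
    98, 97, 99, 98, 96, 120, 119,        # five-sample low voltage
    60, 2, 0, 0, 0, 0, 0, 1, 118, 120,   # decay into an eight-sample outage
    135, 136, 134, 135, 136, 120,        # five-sample overvoltage
    0, 0, 120,                           # two-sample outage
]


def side(volts):
    """Which side of the normal band a reading is on."""
    if volts > HIGH_V:
        return "high"
    if volts < LOW_V:
        return "low"
    return "normal"


def classify(samples, interval_s=1.0):
    """Return (term, start_s, duration_s) for each excursion outside the normal band."""
    events = []
    t = 0.0
    for where, run in groupby(samples, key=side):
        run = list(run)
        duration = len(run) * interval_s
        if where == "high":
            category = "excess"
        elif where == "low":
            # Any reading near zero makes the whole low run a power loss.
            category = "loss" if min(run) < LOSS_V else "degradation"
        else:
            category = None
        if category:
            events.append((TERMS[(category, duration <= MOMENTARY_S)], t, duration))
        t += duration
    return events


if __name__ == "__main__":
    for term, start, duration in classify(TRACE):
        print(f"t={start:5.1f}s  {term:9} for {duration:.1f}s")
```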
Electrical support systems
• Surge suppressors
• Uninterruptible power supplies
– Only for duration needed to safely shutdown systems
• Emergency shutoff switch (EPO switch)
– Should be monitored by camera
• Alternate Power Supply
– Generator, Fuel Cell, etc.
Electrostatic discharge
• Power surge generated by a person or device
contacting another device and transferring a high
voltage shock!
• Affected by low humidity!
Static charge and damage
• At 40 Volts
– Sensitive circuits and transistors
• At 1000 Volts
– Scramble monitor display
• At 1500 Volts
– Disk drive data loss
• At 2000 Volts
– System shutdown
• At 4000 Volts
– Printer jam
Static charge and damage (2)
• At 17000 Volts
– Permanent chip damage
Acceptable humidity
• Ideal humidity range = 40% to 60%
– High humidity > 60%
• Causes problems with condensation on computer equipment
• Causes corrosion of electrical connections (sort of like “Electroplating”) and impedes electrical efficiency
– Low humidity < 40%
• Can cause increase in electrostatic discharge
• Up to 4000 Volts under normal humidity
• Up to 25,000 Volts under very low humidity
Precautions for static electricity
• Use anti-static sprays where possible
• Operations or computer centers should have anti-
static flooring
• Building and computer rooms should be grounded
properly
• Anti-static table or floor mats
• HVAC should maintain proper level of humidity in
computer rooms
Fire protection
• Three ways to tackle fire…
– Fire Prevention
– Fire Detection
– Fire Suppression
• Three elements that keep the fire going…
– Heat
– Oxygen
– Fuel
– We just need to kill one element to kill the fire!
Types of fires
Class | Description (Fuel)
A | Common combustibles such as paper, wood, furniture, clothing
B | Burnable fuels such as gasoline or oil
C | Electrical fires such as computers and electronics
D | Special fires such as chemical, metal
K | Commercial kitchen fire
Fire prevention
• Use fire resistant materials for walls, doors,
furnishings, etc.
• Reduce the amount of combustible papers around
electrical equipment
• Provide fire prevention training to employees
– REMEMBER: Life safety is the most important issue!
• Conduct fire drills on all shifts so that personnel
know how to exit a building!
Fire detection
• Ionization-type Smoke Detectors
– Detect charged particles in smoke
• Optical (Photoelectric) Detectors
– React to light blockage caused by smoke
• Fixed or Rate-of-Rise Temperature Sensors
– Heat detectors that react to the heat of a fire
– Fixed sensors have lower false positives
• Flame Actuated
– Senses infrared energy of flame or pulsating of the flame
– Very FAST response time but expensive!
Fire extinguishing methods
Class | Description (Fuel) | Extinguishing Method
A | Common combustibles such as paper, wood, furniture, clothing | Water, Foam
B | Burnable fuels such as gasoline or oil | Inert Gas, CO2
C | Electrical fires such as computers and electronics | Inert Gas, CO2 (Note: Most important step: Turn off electricity first!)
D | Special fires, such as chemical, metal | Dry Powder (May require total immersion or other special techniques)
K | Commercial kitchen fire | Wet Chemicals
Fire suppression
• Carbon Dioxide, Foam, Inert Gas and Dry Powder
Extinguishers DISPLACE Oxygen to suppress a fire
• CO2 is a risk to humans (Because of oxygen
displacement)
• Water suppresses the temperature required to
sustain a fire
Fire suppression - Halon
• Halon banned for new systems under 1987 Montreal
Protocol on substances that deplete the Ozone Layer
– Began implementation of ban in 1992
– Any new installations of fire suppression systems must use
alternate options
– EU requires removal of Halon from most applications
• Halon replacements:
– FM200
– Water
Fire suppression - Water
• Wet Pipe
– Always contains water
– Most popular
– 165°F Fuse Melts
– Can freeze in winter
– Pipe breaks can cause floods
• Dry Pipe
– No water in pipe
– Preferred for computer installations
– Water held back by clapper
– Air blows out of pipe, water flows
Fire Suppression – Water (2)
• Deluge
– Type of dry pipe
– Water discharge is large
– Not recommended for computer installations
• Preaction
– Most recommended for computer room
– Combines both dry and wet Pipes
– Water released into pipe first then after fuse melts in
nozzle the water is dispersed
HVAC
• Heating, Ventilation, and Air Conditioning
• Usually the focal point for Environmental Controls
• You need to know who is responsible for HVAC in
your building
• Clear escalation steps need to be defined well in
advance of an environmental threatening incident
HVAC issues
• Are computerized components involved?
• Does it maintain appropriate temperature and
humidity levels and air quality?
– Ideal Temperature = 70° to 74° F
– Ideal Humidity = 40% to 60%
• Maintenance procedures should be documented
More physical controls
Elements of physical security
• Badges
• Restricted Areas
• Lights
• Dogs
• CCTV
• Locks
• Access Control
• Barriers
• Security Forces
• Fences
• Intrusion Detection Systems
Functions of physical security
• Deter
• Detect
• Delay
• Respond
Perimeter protection
• Perimeter security controls are the first line of
defense
• Protective barriers – Natural or structural
– Natural barriers
• Terrains that are difficult to cross
• Landscaping (Shrubs, Trees, Spiny shrubs)
– Structural barriers
• Fences, Gates, Bollards, Facility Walls
Fences
• Know These Fencing Heights:
– 3 ft – 4 ft high → Deters casual trespassers
– 6 ft – 8 ft high → Too hard to climb easily
– 8 ft high with 3 strands of barbed wire → Deters intruders
• Types of fencing
– Chain link
– Barbed wire
– Barbed tape or Concertina wire
Fences (2)
• Chain link…
– 6 feet tall (Excluding top guard)
– 8 feet tall (With top guard)
– 2 inch openings or less
– Reach within 2 inches of
ground or on soft ground
should be below the surface
– Be sure vegetation or adjacent
structures do not bridge over
the fence
(Figure label: This is at least 8 feet)
Fences (3)
• Barbed wire
Fences (4)
• Concertina wire
Gates, Bollards, Barriers
Intrusion detection & surveillance
• Perimeter Intrusion Detection Systems
– Sensors that detect access into the area
• Photoelectric
• Ultrasonic
• Microwave
• Passive infrared (PIR)
• Pressure sensitive (Dry contact switch)
– Surveillance Devices
• Closed-Circuit Television (CCTV)
Motion detectors
• Wave Pattern
– Generates a frequency wave pattern
• Capacitance
– Monitors an electrical field around an object
• Audio Detectors
– Monitors any abnormal sound wave generation
– Lots of false alarms
CCTV
• A television transmission system that uses cameras
to transmit pictures to connected monitors
• CCTV levels:
– Detection: The ability to detect the presence of an object
– Recognition: The ability to determine the type of object
(animal, blowing debris, crawling human)
– Identification: The ability to determine the object details
(person, large rabbit, small deer, tumbleweed)
CCTV components
• Camera
– Fixed, Zoom
– Pan, Tilt
• Transmission Media
– Coax Cable
– Fiber Cable
– Wireless
• Monitor
CCTV deployment features
• Cameras high enough to
avoid physical attack
• Cameras distributed to
include blind areas
• Appropriate Lenses
• Pan, Tilt, Zoom (PTZ) as
required
• Ability to be recorded
• Camera system tied to
alarm system
• Number and quality of
video frames increased
during alarm event
• Regular service of
moving parts
• Cleaning lenses
CCTV application guidelines
• Understand the facility’s total surveillance
requirements
• Determine the size of the area to be monitored
– Depth, Height, and Width
– Ensures proper camera lens specifications
• Lighting is important – Different lamps and lighting
provide various levels of effectiveness
– ‘Contrast’ between the object and background
– For outdoor use, the US army specifies the automatically
adjusted Iris feature
CCTV legal & practical implications
• Storage implications of recorded data
• Video tapes must be stored to prevent deterioration
• Digital records must be maintained to assert integrity
• Human rights and privacy implications in recording
people
• Requirements to blur/pixelate individuals other than
accused!
Lighting
• Provides a deterrent to intruders
• Makes detection likely if entry attempted
• Should be used with other controls such as fences,
patrols, alarm systems, CCTV
• Critical protected buildings should be illuminated up
to 8 feet high, with 2 foot-candle power!
Types of lighting
• Continuous Lighting (Most Common)
– Glare Projection
– Flood Lighting
• Trip Lighting
• Standby Lighting
• Movable (Portable)
• Emergency Lighting
Locks
• Locks are considered delay devices only
• Defeated by force and/or the proper tools
• Should never be considered a stand-alone method of security
• Types of locks…
Key in knob-locks
Dead bolt locks
Mortise locks
Padlocks
Combination locks
Keyless and smart locks
Lock security measures
• Key control procedures
– Restrict issue of keys on a long-term basis to outside
maintenance or janitorial personnel
– Keep a record of all issued keys
– Investigate the loss of all keys
• When in doubt, rekey the affected locks
– Use as few master keys as possible
– Issue keys on a need-to-go basis
– Remember – Keys are a single-factor authentication
mechanism that can be lost, stolen, or copied!
• (Use 2-factor methods for more secure areas)
Compartmentalized area
• Location where sensitive equipment is stored and
where sensitive information is processed
– Must have a higher level of security controls!
Portable device security
• Laptops, PDAs, Etc.
– Protect the device
– Protect the data in the device
• Examples:
– Locking the cables
– Tracing software
– Encryption software
– PIN Protection for PDAs
– Inventory system
Alarm systems
• Local alarm systems
– Alarm sounds locally and must be protected from
tampering and audible for at least 400 feet
• Central station units
– Monitored 7x24 and signaled over leased lines – Usually
within < 10 minutes travel time
– Private security firms
• Proprietary systems
– Similar to central but owned and operated by customer
Alarm systems (2)
• Auxiliary station systems
– Systems that ring at local fire or police stations
• Line supervision
– Alarm sounds when alarm transmission medium detects
tampering
Drills, testing and maintenance
Drills
• Keep everyone aware of their responsibilities
• Focus on building evacuation exercises
Testing
• Employ physical penetration testing
• Identify weak entry points
• Keep findings documented
• Keep checklists to ensure consistency
Maintenance
• Monitor the maintenance
• Contractually bind the contractors
– Audit services provided
• Proper change and configuration management
Data destruction
• Data Destruction and Reuse…
– Degaussing or overwriting usually destroys most data
– Normal formatting does not destroy the data
– Format or overwrite 7 times (Mil-Spec)
– Consider shredding hard drives, other portable media
– Paper records = Confetti shred or burn!
Questions
Question 1
• Under what conditions would the use of a "Class C"
hand-held fire extinguisher be preferable to the use
of a "Class A" hand-held fire extinguisher?
A. When the fire is in its incipient stage.
B. When the fire involves electrical equipment.
C. When the fire is located in an enclosed area.
D. When the fire is caused by flammable products.
Question 2
• Which of the following is the most costly
countermeasure to reducing physical security risks?
A. Procedural controls
B. Hardware devices
C. Electronic systems
D. Personnel
Question 3
• Which type of fire extinguisher is most appropriate
for an information processing facility?
A. Type A
B. Type B
C. Type C
D. Type D
Question 4
• Which of the following floors would be most
appropriate to locate information processing
facilities in a 6-story building?
A. Basement
B. Ground floor
C. Third floor
D. Sixth floor
Thank you! 
  • 16. Visibility • Low or high visibility? • Types of neighbors • Markings on the building
  • 17. Local considerations • Near hazard waste dump area • In flood control plain area • Local crime rate • Riots • Strike prone area
  • 18. Natural disasters • Weather related problems • Tornadoes • Heavy snow • Earthquake zone
  • 19. Transportation • Excessive highway, air, or road traffic in area • How many bridges?
  • 20. Joint tenancy • Shared HVAC and environmental controls
  • 21. External services • Proximity to… – Local fire facilities – Police – Hospital/Medical Facilities
  • 23. Implementation • Security breach alarms • On-premises security officers • Server operations monitoring • Early warning smoke detectors • Redundant HVAC equipment • UPS and backup generators • Seismically braced server racks • Biometric access and exit sensors • Continuous video surveillance • Electronic motion sensors
  • 26. Walls • All walls must have acceptable fire rating – Floor to ceiling • Any closets storing media must also have acceptable fire rating
  • 27. Ceiling • Can they bear the right weight? • Acceptable fire rating
  • 28. Floors • Slab – 150 pounds per square foot weight bearing • Raised – Concerned with • Fire rating • Electrical conductivity – Employ non conducting surface material in data center!
  • 29. Doors • Must resist forced entry • Solid or hollow? • Hinges hidden, internal or fixed • Fire rating equivalent to that of adjacent wall • Emergency exits must be... – Clearly marked – Monitored – Alarmed • Electrical doors – Fail safe or fail secure?
  • 30. Windows • Should prevent any viewing… • Windows in data center? • Windows types…
  • 37. Keep an eye on… • Sprinkler systems – Location and type must be known • Water and gas pipelines – Location of the shut off valves must be known – Water, steam and gas lines should have positive drains • Flow outward and away from the building! • Air conditioning – Dedicated power for data centers – EPO switch should be known – Provide outward positive air pressure – Prevent intake of potential toxins into the facility
  • 39. Audit logs • Identify entry attempts and who attempted them • Preventive or detective controls? – Date and time of access attempt – Whether the attempt was successful or not – Where the access was granted (i.e. which door) – Who attempted the access – Who modified the access privileges at the supervisor level – Can send alarms or alerts if required
  • 40. Emergency procedures • Should be clearly documented and readily accessible • Copies should be stored offsite in the event of a disaster • Should be updated periodically • Should include the following… – Emergency system shutdown procedures – Evacuation procedures – Employee training, awareness programs, and periodic drills • Fire drills – Periodic equipment and systems tests
  • 42. Pre-employment screening • Employment, references and educational history checks • Background investigation and/or credit rating checks for sensitive positions
  • 43. On-going employee checks • Security clearances • Ongoing employee ratings or reviews by supervisors
  • 44. Post-employment procedures • Exit interview, removal of network access, return of computers, etc.
  • 45. Environmental and life safety controls
  • 46. Environmental control areas • Electrical Power • Fire Detection and Suppression • Heating, Ventilation and Air Conditioning (HVAC)
  • 47. Electrical power • Disruptions in electrical power can have a serious business impact • Goals… – Clean and steady power – Excellent power quality • Design considerations… – Dedicated feeders – Alternate power source – Access controls • Secure breaker and transformer rooms
  • 48. Electrical power threats • Electrical noise • Anomalies • Electrostatic discharge
  • 49. Electrical noise • Random disturbance interfering with devices – EMI and RFI • Caused by… – Components of electrical system – Fluorescent lighting, Truck ignitions • Can cause permanent damage to sensitive components in a system!
  • 50. Types of EMI noise • Common mode noise – Noise from radiation generated by the difference between the “Hot” and “Ground” wires • Transverse mode noise – Noise from radiation generated by the difference between the “Hot” and “Neutral” wires
  • 51. Protective measures for noise • Proper line conditioning • Proper grounding of the system to earth • Cable shielding • Limited exposure to magnets, electrical motors, and fluorescent lights
  • 52. Electrical anomalies • Power excess – Spike: momentary high voltage – Surge: prolonged high voltage • Power loss – Fault: momentary power outage – Blackout: complete loss of power • Power degradation – Sag/dip: momentary low voltage condition for a few seconds – Brownout: prolonged low voltage power supply
  • 53. Electrical anomalies • Transients – Line noise that is superimposed on the supply circuit can cause fluctuation in power • Inrush current – Initial surge of current required to start a load
  • 54. Electrical support systems • Surge suppressors • Uninterruptible power supplies – Only for duration needed to safely shutdown systems • Emergency shutoff switch (EPO switch) – Should be monitored by camera • Alternate Power Supply – Generator, Fuel Cell, etc.
  • 55. Electrostatic discharge • Power surge generated by a person or device contacting another device and transferring a high voltage shock! • Affected by low humidity!
  • 56. Static charge and damage • At 40 Volts – Sensitive circuits and transistors • At 1000 Volts – Scramble monitor display • At 1500 Volts – Disk drive data loss • At 2000 Volts – System shutdown • At 4000 Volts – Printer jam
  • 57. Static charge and damage (2) • At 17000 Volts – Permanent chip damage
  • 58. Acceptable humidity • Ideal humidity range = 40% to 60% – High humidity > 60% • Causes problems with condensation on computer equipment • Causes corrosion of electrical connections (sort of like “Electroplating”) and impedes electrical efficiency – Low humidity < 40% • Can cause increase in electrostatic discharge • Up to 4000 Volts under normal humidity • Up to 25,000 Volts under very low humidity
  • 59. Precautions for static electricity • Use anti-static sprays where possible • Operations or computer centers should have anti-static flooring • Building and computer rooms should be grounded properly • Anti-static table or floor mats • HVAC should maintain proper level of humidity in computer rooms
  • 60. Fire protection • Three ways to tackle fire… – Fire Prevention – Fire Detection – Fire Suppression • Three elements that keep the fire going… – Heat – Oxygen – Fuel – We just need to kill one element to kill the fire!
  • 61. Types of fires • Class: Description (Fuel) – A: Common combustibles such as paper, wood, furniture, clothing – B: Burnable fuels such as gasoline or oil – C: Electrical fires such as computers and electronics – D: Special fires such as chemical, metal – K: Commercial kitchen fire
  • 62. Fire prevention • Use fire resistant materials for walls, doors, furnishings, etc. • Reduce the amount of combustible papers around electrical equipment • Provide fire prevention training to employees – REMEMBER: Life safety is the most important issue! • Conduct fire drills on all shifts so that personnel know how to exit a building!
  • 63. Fire detection • Ionization-type Smoke Detectors – Detect charged particles in smoke • Optical (Photoelectric) Detectors – React to light blockage caused by smoke • Fixed or Rate-of-Rise Temperature Sensors – Heat detectors that react to the heat of a fire – Fixed sensors have lower false positives • Flame Actuated – Senses infrared energy of flame or pulsating of the flame – Very FAST response time but expensive!
  • 64. Fire extinguishing methods • Class: Description (Fuel); Extinguishing Method – A: Common combustibles such as paper, wood, furniture, clothing; Water, Foam – B: Burnable fuels such as gasoline or oil; Inert Gas, CO2 – C: Electrical fires such as computers and electronics; Inert Gas, CO2 (Note: Most important step: Turn off electricity first!) – D: Special fires, such as chemical, metal; Dry Powder (May require total immersion or other special techniques) – K: Commercial kitchen fire; Wet Chemicals
  • 65. Fire suppression • Carbon Dioxide, Foam, Inert Gas and Dry Powder Extinguishers DISPLACE Oxygen to suppress a fire • CO2 is a risk to humans (Because of oxygen displacement) • Water suppresses the temperature required to sustain a fire
  • 66. Fire suppression - Halon • Halon banned for new systems under 1987 Montreal Protocol on substances that deplete the Ozone Layer – Began implementation of ban in 1992 – Any new installations of fire suppression systems must use alternate options – EU requires removal of Halon from most applications • Halon replacements: – FM200 – Water
  • 67. Fire suppression - Water • Wet Pipe – Always contains water – Most popular – 165°F Fuse Melts – Can freeze in winter – Pipe breaks can cause floods • Dry Pipe – No water in pipe – Preferred for computer installations – Water held back by clapper – Air blows out of pipe, water flows
  • 68. Fire Suppression – Water (2) • Deluge – Type of dry pipe – Water discharge is large – Not recommended for computer installations • Preaction – Most recommended for computer room – Combines both dry and wet Pipes – Water released into pipe first then after fuse melts in nozzle the water is dispersed
  • 69. HVAC • Heating, Ventilation, and Air Conditioning • Usually the focal point for Environmental Controls • You need to know who is responsible for HVAC in your building • Clear escalation steps need to be defined well in advance of an environmental threatening incident
  • 70. HVAC issues • Are computerized components involved? • Does it maintain appropriate temperature and humidity levels and air quality? – Ideal Temperature = 70° to 74° F – Ideal Humidity = 40% to 60% • Maintenance procedures should be documented
  • 72. Elements of physical security • Badges • Restricted Areas • Lights • Dogs • CCTV • Locks • Access Control • Barriers • Security Forces • Fences • Intrusion Detection Systems
  • 73. Functions of physical security • Deter • Detect • Delay • Respond
  • 74. Perimeter protection • Perimeter security controls are the first line of defense • Protective barriers – Natural or structural – Natural barriers • Terrains that are difficult to cross • Landscaping (Shrubs, Trees, Spiny shrubs) – Structural barriers • Fences, Gates, Bollards, Facility Walls
  • 75. Fences • Know These Fencing Heights: – 3 ft to 4 ft high → Deters casual trespassers – 6 ft to 8 ft high → Too hard to climb easily – 8 ft high with 3 strands of barbed wire → Deters intruders • Types of fencing – Chain link – Barbed wire – Barbed tape or Concertina wire
  • 76. Fences (2) • Chain link… – 6 feet tall (Excluding top guard) – 8 feet tall (With top guard) – 2 inch openings or less – Should reach within 2 inches of the ground, or extend below the surface on soft ground – Be sure vegetation or adjacent structures do not bridge over the fence • Figure annotation: “This is at least 8 Feet”
  • 80. Intrusion detection & surveillance • Perimeter Intrusion Detection Systems – Sensors that detect access into the area • Photoelectric • Ultrasonic • Microwave • Passive infrared (PIR) • Pressure sensitive (Dry contact switch) – Surveillance Devices • Closed-Circuit Television (CCTV)
  • 81. Motion detectors • Wave Pattern – Generates a frequency wave pattern • Capacitance – Monitors an electrical field around an object • Audio Detectors – Monitors any abnormal sound wave generation – Lots of false alarms
  • 82. CCTV • A television transmission system that uses cameras to transmit pictures to connected monitors • CCTV levels: – Detection: The ability to detect the presence of an object – Recognition: The ability to determine the type of object (animal, blowing debris, crawling human) – Identification: The ability to determine the object details (person, large rabbit, small deer, tumbleweed)
  • 83. CCTV components • Camera – Fixed, Zoom – Pan, Tilt • Transmission Media – Coax Cable – Fiber Cable – Wireless • Monitor
  • 84. CCTV deployment features • Cameras high enough to avoid physical attack • Cameras distributed to include blind areas • Appropriate Lenses • Pan, Tilt, Zoom (PTZ) as required • Ability to be recorded • Camera system tied to alarm system • Number and quality of video frames increased during alarm event • Regular service of moving parts • Cleaning lenses
  • 85. CCTV application guidelines • Understand the facility’s total surveillance requirements • Determine the size of the area to be monitored – Depth, Height, and Width – Ensures proper camera lens specifications • Lighting is important – Different lamps and lighting provide various levels of effectiveness – ‘Contrast’ between the object and background – For outdoor use, the US army specifies the automatically adjusted Iris feature
  • 86. CCTV legal & practical implications • Storage implications of recorded data • Video tapes must be stored to prevent deterioration • Digital records must be maintained to assert integrity • Human rights and privacy implications in recording people • Requirements to blur/pixelate individuals other than accused!
  • 87. Lighting • Provides a deterrent to intruders • Makes detection likely if entry attempted • Should be used with other controls such as fences, patrols, alarm systems, CCTV • Critical protected buildings should be illuminated up to 8 feet high, with 2 foot-candle power!
  • 88. Types of lighting • Continuous Lighting (Most Common) – Glare Projection – Flood Lighting • Trip Lighting • Standby Lighting • Movable (Portable) • Emergency Lighting
  • 89. Locks • Locks are considered delay devices only • Defeated by force and/or the proper tools • Should never be considered a stand-alone method of security • Types of locks…
  • 96. Lock security measures • Key control procedures – Restrict issue of keys on a long-term basis to outside maintenance or janitorial personnel – Keep a record of all issued keys – Investigate the loss of all keys • When in doubt, rekey the affected locks – Use as few master keys as possible – Issue keys on a need-to-go basis – Remember – Keys are a single-factor authentication mechanism that can be lost, stolen, or copied! • (Use 2-factor methods for more secure areas)
  • 97. Compartmentalized area • Location where sensitive equipment is stored and where sensitive information is processed – Must have a higher level of security controls!
  • 98. Portable device security • Laptops, PDAs, Etc. – Protect the device – Protect the data in the device • Examples: – Locking the cables – Tracing software – Encryption software – PIN Protection for PDAs – Inventory system
  • 99. Alarm systems • Local alarm systems – Alarm sounds locally and must be protected from tampering and audible for at least 400 feet • Central station units – Monitored 7x24 and signaled over leased lines – Usually within < 10 minutes travel time – Private security firms • Proprietary systems – Similar to central but owned and operated by customer
  • 100. Alarm systems (2) • Auxiliary station systems – Systems that ring at local fire or police stations • Line supervision – Alarm sounds when alarm transmission medium detects tampering
  • 101. Drills, testing and maintenance
  • 102. Drills • Keep everyone aware of their responsibilities • Focus on building evacuation exercises
  • 103. Testing • Employ physical penetration testing • Identify weak entry points • Keep findings documented • Keep checklists to ensure consistency
  • 104. Maintenance • Monitor the maintenance • Contractually bind the contractors – Audit services provided • Proper change and configuration management
  • 105. Data destruction • Data Destruction and Reuse… – Degaussing or overwriting usually destroys most data – Normal formatting does not destroy the data – Format or overwrite 7 times (Mil-Spec) – Consider shredding hard drives, other portable media – Paper records = Confetti shred or burn!
  • 107. Question 1 • Under what conditions would the use of a "Class C" hand-held fire extinguisher be preferable to the use of a "Class A" hand-held fire extinguisher? A. When the fire is in its incipient stage. B. When the fire involves electrical equipment. C. When the fire is located in an enclosed area. D. When the fire is caused by flammable products.
  • 109. Question 2 • Which of the following is the most costly countermeasure to reducing physical security risks? A. Procedural controls B. Hardware devices C. Electronic systems D. Personnel
  • 111. Question 3 • Which type of fire extinguisher is most appropriate for an information processing facility? A. Type A B. Type B C. Type C D. Type D
  • 113. Question 4 • Which of the following floors would be most appropriate to locate information processing facilities in a 6-story building? A. Basement B. Ground floor C. Third floor D. Sixth floor
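
Slide 39 lists the fields a physical access audit log should capture and notes that the log can raise alerts. The following added example (not part of the original presentation) parses constructed door-controller records carrying those fields and flags repeated denied attempts and supervisor-level privilege changes; the record layout, names, and thresholds are assumptions.

```python
import csv
from collections import defaultdict, deque
from datetime import datetime, timedelta
from io import StringIO

# Constructed sample records (not from the presentation). Assumed layout:
# timestamp, event, door, who attempted, result, who changed the privilege.
SAMPLE_LOG = """\
2024-03-04T08:59:10,ACCESS,lobby-east,jdoe,GRANTED,
2024-03-04T22:14:02,ACCESS,server-room,mkhan,DENIED,
2024-03-04T22:14:31,ACCESS,server-room,mkhan,DENIED,
2024-03-04T22:15:05,ACCESS,server-room,mkhan,DENIED,
2024-03-04T22:40:00,PRIV_CHANGE,server-room,mkhan,GRANTED,supervisor7
2024-03-04T22:41:12,ACCESS,server-room,mkhan,GRANTED,
2024-03-05T09:00:00,ACCESS,server-room,asmith,DENIED,
"""

FIELDS = ["timestamp", "event", "door", "who", "result", "changed_by"]


def parse_log(text):
    """Turn raw lines into dicts with a real datetime, sorted by time."""
    rows = []
    for rec in csv.DictReader(StringIO(text), fieldnames=FIELDS):
        rec["timestamp"] = datetime.fromisoformat(rec["timestamp"])
        rows.append(rec)
    return sorted(rows, key=lambda r: r["timestamp"])


def detect(rows, max_denied=3, window=timedelta(minutes=5)):
    """Return alerts as (kind, who, door, timestamp) tuples."""
    alerts = []
    recent = defaultdict(deque)  # (who, door) -> times of recent denials
    for r in rows:
        key = (r["who"], r["door"])
        if r["event"] == "PRIV_CHANGE":
            # Every supervisor-level change is surfaced for review.
            alerts.append(("privilege_change_by:" + r["changed_by"],
                           r["who"], r["door"], r["timestamp"]))
        elif r["result"] == "DENIED":
            q = recent[key]
            q.append(r["timestamp"])
            # Drop denials that fell out of the sliding window.
            while r["timestamp"] - q[0] > window:
                q.popleft()
            # Alert once, at the moment the threshold is reached.
            if len(q) == max_denied:
                alerts.append(("repeated_denials", r["who"], r["door"],
                               r["timestamp"]))
        else:
            # A successful entry resets the denial streak for that door.
            recent[key].clear()
    return alerts


if __name__ == "__main__":
    for alert in detect(parse_log(SAMPLE_LOG)):
        print(alert)
```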
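
Slide 52 separates power excess, loss, and degradation into momentary and prolonged forms. This added example (not from the original presentation) labels abnormal runs in a constructed voltage trace with the slide's terms. The nominal voltage, tolerance band, outage level, and the 5-second cut-off between momentary and prolonged are assumptions, as is treating a blackout as the prolonged form of power loss.

```python
from itertools import groupby

NOMINAL_V = 120.0    # assumed nominal supply voltage
TOLERANCE = 0.10     # assumed +/-10% band treated as normal
OUTAGE_V = 5.0       # assumed: at or below this counts as loss of power
MOMENTARY_S = 5.0    # assumed cut-off between "momentary" and "prolonged"

# (momentary name, prolonged name) per condition, using the slide's terms.
NAMES = {
    "excess": ("spike", "surge"),
    "loss": ("fault", "blackout"),
    "degradation": ("sag", "brownout"),
}


def condition(volts):
    """Map one voltage reading to the slide's three anomaly families."""
    if volts <= OUTAGE_V:
        return "loss"
    if volts > NOMINAL_V * (1 + TOLERANCE):
        return "excess"
    if volts < NOMINAL_V * (1 - TOLERANCE):
        return "degradation"
    return "normal"


def classify(samples, interval_s=1.0):
    """samples: voltage readings taken every interval_s seconds.
    Returns [(name, start_s, duration_s), ...], one per abnormal run."""
    events, t = [], 0.0
    for cond, run in groupby(samples, key=condition):
        duration = len(list(run)) * interval_s
        if cond != "normal":
            momentary, prolonged = NAMES[cond]
            name = momentary if duration <= MOMENTARY_S else prolonged
            events.append((name, t, duration))
        t += duration
    return events


# Constructed one-reading-per-second trace (not measured data). Real spikes
# are far shorter than one second; the coarse interval keeps the trace short.
TRACE = ([120] * 3 + [150] + [120] * 2 + [140] * 7 + [120] * 2
         + [100] * 3 + [120] * 2 + [98] * 8 + [120] * 2
         + [0] * 2 + [119] * 2 + [0] * 10 + [121])

if __name__ == "__main__":
    for name, start, duration in classify(TRACE):
        print(f"{name:9s} start={start:5.1f}s duration={duration:4.1f}s")
```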