Physical protection
This presentation is the property of its rightful owner.
Sponsored Links
1 / 30

Physical Protection PowerPoint PPT Presentation


  • 87 Views
  • Uploaded on
  • Presentation posted in: General

Physical Protection. Division of Computer Studies. Objectives. Identify the natural disasters that threaten computer systems Determine the damage assessment and reconstruction techniques (for example how to recover from lost data)

Download Presentation

Physical Protection

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Physical protection

Physical Protection

Division of Computer Studies

Y K Choi


Objectives

Objectives

  • Identify the natural disasters that threaten computer systems

  • Determine the damage assessment and reconstruction techniques (for example how to recover from lost data)

  • Design and select the physical location of a computer server, computer room etc. (where is the best location for computer room?)

  • Measure the air conditioning and power supply sources for computer center, servers and communication equipment (this will disrupt the service.)

  • Describe the various access control mechanisms to prevent unauthorised entries (use password, key/lock)

Y K Choi


Natural disasters

Natural Disasters

  • By definition, a natural disaster is defined as any event that is an act of God or the result of natural causes that are not avoidable.

  • A computer server is more prone to earthquakes in Japan than in Hong Kong.

  • If a computer server is located at Kam Tin, it was more prone to flooding during rainy season.

  • Computer and communication equipment are sensitive to environmental and temperature conditions: that is too hot, humid, cold or inadequate power and software will affect the performance.

Y K Choi


Type of natural disasters in hong kong

Type of Natural Disasters in Hong Kong

Radiation

Falling

Objects

Storms

Floods

Fire

Earthquake

Y K Choi


Earthquake or bomb explosive

Earthquake? Or bomb explosive?

  • All equipment and human will be destroyed.

  • There is nothing you can do.

  • There is why you should not install ONLY one computer centre. (Might be one in Tokyo or the other in Hong Kong)

Y K Choi


Radiation nuclear power generation plant

Radiation – Nuclear Power Generation Plant

  • There is a threat that the nuclear power plant might generate leakage. So far, it has not happened in Hong Kong.

Y K Choi


Radiation monitoring

Radiation Monitoring

  • Environmental Radiation Monitoring Programme (ERMP) This is linked to Hong Kong Observatory.

  • This web site contains many information on radiation.

Y K Choi


Storms and typhoon

Storms and Typhoon

  • This is the typhoon York in 1999.

  • From Hong Kong Observatory

  • In Telephone exchange centres, protection against power surge due to thunder storm is installed.

Y K Choi


Floods computer becomes useless

Floods – computer becomes useless

Y K Choi


Floods

Floods

  • Floods are due to natural causes such as rainstorms, tides in Hong Kong. Say for example, you forget to close the window, while your servers are close to it.

  • In areas prone to flooding, you should locate your computer equipment well above the ground level. It might happen in China, but is unusual in Hong Kong.

  • Falling water: This is common in Hong Kong. If sprinkler systems are present in computer room, you should prepare plastic sheets so that you can cover all equipment in case there is a surge of water. You should change the sprinkler system to other types.

Y K Choi


Threats from water

Threats from Water

  • Flooding may be caused by rain or pipes overflowing

  • Please note that once a computer is wet, it cannot function.

  • If you were the manager, you should install water sensors below the raised floor. This sensor will alter the user.

Y K Choi


Physical protection

Fire

  • Fire is extremely dangerous as it damages not just the equipment but also the human.

  • Life is far important than equipment.

Y K Choi


Physical protection

Fire

  • Fire can be more serious than flooding as it affects human lives (not barbecue)

  • As the fire spread, there is no time to remove the computer equipment and data.

  • A well-planned disaster recovery plan and fire drills (rehearsal) should be practiced.

  • A windowless location with fire-resistant access doors and nonflammable walls can prevent fire spreading.

Y K Choi


Fire extinguisher http www fire extinguisher101 com

Fire extinguisher http://www.fire-extinguisher101.com/

Fire extinguishers are divided into four categories, based on different types of fires. Each fire extinguisher also has a numerical rating that serves as a guide for the amount of fire the extinguisher can handle. The higher the number, the more fire-fighting power. For example, from Class A to D. Class A is for ordinary use (water), class B or C (carbon dioxide) while class D is for chemical plant. Class B is enough for computer room.

Y K Choi


Protecting against fire and smoke

Protecting against fire and Smoke

  • Use smoke detectors and check the function

  • Place a fire extinguishers near the computer room/communication equipment room

  • No smoking in computer areas

  • Use CFCs (or carbon dioxide) fire extinguishers rather than water-based (class B or C)

Y K Choi


Fire and smoke detectors

Fire and Smoke Detectors

  • Smoke detector

  • Fire detector

  • detectors will sound loud, 85 decibel alarms to alert the user of smoke buildup. This could be due to a fire. The device is easily attached to walls or ceilings with batteries.

Y K Choi


Physical facilities

Physical Facilities

  • In the early days, protection was simple as all equipment was kept in a single room with lock.

  • Today, with computers and servers becoming cheaper and smaller, protecting the environment is difficult.

  • Physical security involves tangible measures that are instituted to protect the facility, equipment and information from theft, misuse and disclosure etc.

Y K Choi


Computer room

Computer Room

  • A typical computer room with smoke detector, water sprinkler and raised floor air conditioner

Y K Choi


Physical layout of a computer room http www cyberzone net operatio htm

Physical Layout of a computer room:http://www.cyberzone.net/operatio.htm

Computer room before

Computer room after

Computer room during

Computer room in operation

Y K Choi


Selecting the physical location

Selecting the Physical Location

The physical requirements for security can be met taking the following into account: (from Karen Forcht)

  • Place the computers and servers from main building traffic areas such as far from corridors

  • Avoid a location with outside walls and windows

  • Impose secure door locks

  • Install separate power sources and air conditioning systems (essential power in computer lab.)

  • Install backup light – such as torch

Y K Choi


Cityu s computing services centre

CityU’s Computing Services Centre

Far from students

Y K Choi


Air conditioning equipment

Air Conditioning Equipment

  • It should be independent of the rest building.

  • It should be connected to the fire detection and extinguishing system.

  • Additional smoke exhaust should be installed for emergency use.

  • The alarm should allow sufficient time for a system halt (system halt means no service).

Y K Choi


Access controls

Access Controls

  • It includes key-locks, card-key locks, etc

  • Digital Keypad Locks digital access control locks for any door retrofit any standard knob or lever programmable from the keypad

  • Fingerprint (identify a finger) or photo identification

  • The controls include mirrors to eliminate blind spots in these areas (check with CSC, you will find that it has CCTV and mirror)

Y K Choi


Access controls1

Access Controls

Digital lock, use password to open the door

Computer lock to safeguard the equipment

Access card

Finger print

Y K Choi


Physical checklists example of division of computer studies

Physical checklists – example of Division of Computer Studies

  • Security guard

  • Closed circuit TV

  • Fire extinguisher

  • Access gate

  • Access key lock

  • Sprinkler system

  • Central air-conditioner

  • Essential power (the highest priority to provide power)

  • Computer lock

Y K Choi


Physical checklists example of computer services centre csc 1

Physical checklists – example of Computer Services Centre (CSC) (1)

  • Identification mechanisms - password

  • Entrance control – with Cityu’s card

  • Guard control – with a security guard

  • Television surveillance – closed circuit TV

  • Environmental alarms – alarm in the corridor

  • Fire suppression system – fire extinguisher

  • Fire communication – security office 8888

  • Emergency evacuation – fire exits

  • Remote site backup – NO

Y K Choi


Physical checklists example of csc 2

Physical checklists – example of CSC (2)

  • Disaster recovery plan – Yes

  • Locate computer facilities in low traffic areas – in TSC room

  • Install power sources independent of other areas – essential power supply and uninterruptible power supply

  • Make ceilings and walls watertight – check by yourself

  • Prohibit smoking, easting and drinking in computer room – Yes

  • Place breathing apparatus units around facility – NO, but there is a safety box

Y K Choi


Web site on safety and health

Web site on safety and health

  • There is a web site developed by CityU students to learn the knowledge on safety/security on computer server. http://personal.cityu.edu.hk/~dcsafety

Y K Choi


Summary

Summary

  • The protection of the computer and server room is the first step in securing the operation.

  • Natural disaster such as flood, fire, earthquakes present a real threat

  • Backup copies should be kept in a safe place

  • Computer room should have separate air conditioning, power and electrical supply with fire detection

  • To prevent unauthorised persons, access controls such as locks, password should be installed.

  • Web site: http://personal.cityu.edu.hk/~dcsafety

Y K Choi


Next week

Next Week

  • Web Security

  • Contents

  • Definition of Web security

  • Browser <- >Internet <-> Server

  • Risks that affect the above three

Y K Choi


  • Login