1 / 40

Physical Security Domain: Site and Facility Protection, Threat Control, Access Controls

This domain covers the criteria for designing secure sites and facilities, including perimeter security, building and inside security, and secure operational areas. It also addresses threat sources and controls, as well as the use of physical controls such as locks, access logs, CCTV, and intrusion detection systems.

bneill
Download Presentation

Physical Security Domain: Site and Facility Protection, Threat Control, Access Controls

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Dr. Bhavani ThuraisinghamThe University of Texas at Dallas (UTD)June 2011 Physical (Environmental) Security

  2. Domain Agenda • Site and Facility Design Criteria • Perimeter Security • Building and Inside Security • Secure Operational Area

  3. Site Location Considerations • Emergency services • Hazards/ threats • Adjacency

  4. Threats to Physical Security • National / environmental • Utility systems • Human-made/ political events

  5. Threat Sources and Controls Threat • Theft • Espionage • Dumpster diving • Social engineering • Shoulder surfing • HVAC access Controls • Locks • Background checks • Disposal procedures • Awareness • Screen filters • Motion sensors in ventilation ducts

  6. Domain Agenda • Site and Facility Design Criteria • Perimeter Security • Building and Inside Security • Secure Operational Area

  7. Perimeter and BuildingBoundary Protections • First line of defense • Protective barriers • Natural • Structural

  8. Fences • Federal, state or local codes may apply • Parking should not be allowed near fences

  9. Controlled Access Points • Gates are the minimum necessary layer • Bollards

  10. Perimeter Intrusion Detection Systems • Detect unauthorized access into an area • Electronic ‘eyes’ • Note that some perimeters IDSs can function inside the perimeter as well.

  11. Types of Lighting • Continuous lighting • Trip lighting • Standby lighting • Emergency exit lighting • Emergency egress lighting

  12. Access and Visitor Logs and More Rigorous forms of Logging

  13. Closed Circuit Television (CCTV) • CCTV Capability Requirements • Detection • Recognition • Identification • Mixing Capabilities • Virtual CCTV Systems

  14. Guards and Guard Stations • Guards • Deterrent • Possible liability • Guard stations

  15. Domain Agenda • Site and Facility Design Criteria • Perimeter Security • Building and Inside Security • Secure Operational Area

  16. Doors • Isolation of critical areas • Lighting of doorways • Contact devices • Guidelines

  17. Building Entry Point Protection • Locks • Lock components • Body • Strike • Strike plates • Key • Cylinder

  18. Types of Locks • Something you have – Keyed • Something you know – Combinations • Something you are - Biometric

  19. Lock Attacks • Lock picking • Lock bumping

  20. Lock Controls • Lock and key control system • Key control procedures • Change combinations • Fail • Soft • Secure • Safe

  21. Other Electronic Physical Controls • Card access • Biometric access methods

  22. Windows and Entry Points • Standard plate glass • Tempered glass • Acrylic materials • Polycarbonate windows • Entry points

  23. Intrusion Detection Systems (IDS) • Closed circuit television • Sensors and monitors

  24. Escorts and Visitor Control • Visitor access control best practices • Picture identity • Photographs • Enclosed area • Authorized escort

  25. Access Logs • Computerized log • Closed circuit TV

  26. Domain Agenda • Site and Facility Design Criteria • Perimeter Security • Building and Inside Security • Secure Operational Area

  27. Equipment Room • Perimeter enclosure • Controls • Policy

  28. Data Processing Facility • Small devices threat • Server room • Mainframes • Storage

  29. Communications and Power • Wireless access points • Network access control • Utility and power rooms

  30. Work Area • Operators • System administrators • Restricted work areas

  31. Equipment Protection • Inventory • Locks and tracing equipment • Data encryption • Disabling I/O ports

  32. Environmental Controls System • Electric power • HBAC • Water / plumbing • Gas • Refrigeration Threat • Loss of power • Overheating • Flood / dripping • Explosion • Leakage

  33. Fire Protection • Prevention – reduce causes • Detection – alert occupants • Suppression – contain or extinguish

  34. Materials and Suppression Agents

  35. Flooding Area Coverage • Water – sprinkler systems • Gas – Halon/CO2/Argon systems • Best practices for systems • Portable extinguishers

  36. Types of Electrical Power Faults • Complete loss of power • Power degradation • Interference (noise) • Grounding

  37. Loss of Electrical Power • UPS • Generators • Goals of power • Power controls

  38. Heating Ventilation Air Condition (HVAC) • Location • Positive pressure • Maintenance

  39. Other Infrastructure Threats • Gas leakage • Water threats

  40. Key Performance Indicators • # of physical security incidents detected • # of false positives for biometrics

More Related