Presentation on theme: "Environmental/Physical Security. Objectives Physical Security - physical protection of the resources of an organization which include people, data, facilities,"— Presentation transcript:
Objectives Physical Security - physical protection of the resources of an organization which include people, data, facilities, equipment, systems, etc. Physical security is the first line of defense ***Safety of people is most important for this domain, and trumps all other considerations.
Threats Natural environmental - Floods, earthquakes, storms, fires, tornadoes, extreme temperature conditions, etc.. Supply system - Power distribution, communications interruptions, and interruption of other natural energy resources such as water, steam, gas, etc.. Manmade - Unauthorized access (internal/external), explosions, damage by employee (deliberate or accidental), vandalism, fraud, theft, etc.. Political - Strikes, riots, civil disobedience, terrorist attacks, bombings, etc.. ****These are all man-made too – know the difference!!!
Layered Security The purpose is to put enough obstacles in front of an intruder to keep them busy until the authorities can take control of the situation. **Damage to assets can be minimized.
Site Selection Visibility – Surrounding terrain – Building markings and signs – Types of neighbors – Population of the area Surrounding area and external entities – Crime rate, riots, terrorism attacks – Proximity to police, medical, and fire stations – Possible hazards from surrounding area Accessibility – Road access – Traffic – Proximity to airports, train stations, and highways Natural disaster – Likelihood of floods, tornadoes, earthquakes, or hurricanes – Hazardous terrain (mudslides, falling rock from mountains, or excessive snow or rain)
Facility Construction Walls Combustibility Fire Rating – walls protecting IT equipment should be 75 according to the NFPA (National Fire Protection Agency) Reinforcement for secured areas Ceilings Combustibility Fire Rating Weight-Bearing Rating Drop Ceilings??? Floors Weight-Bearing Rating (Commonly 150 lbs./sq. ft.) Combustibility Slab??? Raised??? Anti-Static??? Rebar – steel rods encased in concrete Surface material ***Heavy timber construction material - this is a building material – if asked, it is probably the correct answer !!!
Building Layout Data Center should be in the middle to protect from natural disaster. EX: If you have a 5-story building, put it on the 3 rd floor. **Exam Warning** All environmental controls and safety procedures must ensure the safety of all personnel, including those with handicaps. Elevators cannot be used during a fire, for example, so employees in wheelchairs must have a compensating control.
CPTED - Crime Prevention Through Environmental Design reduce crime by directly affecting behavior ***uses zones Natural Access Control – enter/leave building Natural Surveillance – open space/visibility Territorial Reinforcement –dedicated community (sense of ownership)
Target Hardening (alternative to CPTED) Denying access through physical and artificial barriers (alarms, locks, fences, and so on). Traditional target hardening can lead to restrictions on the use, enjoyment, and aesthetics of an environment.
Underwriter Laboratories - UL A non-profit organization that provides the necessary classifications and guidelines for physical security. The organization inspects, tests and classifies various devices and equipment used in physical security.
Fences **PIDAS (Perimeter Intrusion Detection and Assessment System) – sensors on a wire mesh – has a high rate of false alarms General Fence Height: 3-4 ft. – deters casual trespassers 6-7 ft. – too high to easily climb 8ft + 3 strands of barbed wire – deters most ***Nothing will stop a determined intruder
Chain-Link Fence Gauge – thickness of metal 11 gague =.0907 in diameter 9 gague =.1144 in diameter (residential grade) 6 gague =.162 in diameter (thickest) **The lower the gauge, the thicker the wire Meshing – spacing between wires (comes in 2, 1 and 3/8) **Fences with smaller mesh are harder to climb
Chain-Link Fence – contd Extremely Secure: 11 in gauge, 3/8 in mesh Very High: 9 in gauge, 1 in mesh High: 11 in gauge, 1 in mesh Minimally High: 6 in gauge, 2 in mesh Normal Use: 9 in gauge, 2 in mesh
Gates Type Description Class I - Residential (home use) Class II - Commercial/General Access (parking garage) Class III - Industrial/Limited Access (loading dock for 18-wheeler trucks) Class IV - Restricted Access (airport or prison)
Bollards a strong post designed to stop a car; often installed in front of convenience stores, to prevent drivers (who mix up the accelerator and brake) from driving into the store. Many secure facilities use large concrete planters for the same effect. These devices are usually placed in front of physically weak areas.
Lighting **Direct to areas where an intrusion is likely to occur Continuous – fixed lighting to flood an area **most common Standby – supplies illumination in the event that the normal light system fails Moveable – manually operated Responsive Area Illumination – lights come on automatically if activity is detected Emergency – backup lighting used in an emergency Fresnel –lighthouses/theatres; aims light in a specific direction Floodlights – produces a beam of intense light Fluorescent – produces RFI (radio frequency interference) ***Not good for outdoor use Mercury Vapor – the preferred security light – white with a bluish cast (stadium lighting) **takes a while to warm up Sodium Vapor – similar to mercury, but has a yellow tint ***good in fog Quartz lamp – bright white light; used in areas needing to resemble daylight
Lighting – contd Lumen – the amount of light 1 candle can create Footcandle – 1 lumen per square foot Lux – 1 lumen per square meter American Institute of Architects Elevators/lobbies/stairwells – 5-10 fc Building entrances – 5 fc Walkways – 1.5 fc Parking Garages – 5 fc Site Landscape -.5 fc Surrounding building – 1 fc Roadways -.5 fc NIST Critical areas require illumination of 2 wide x 8 high
Closed Circuit TV (CCTV) Functions: surveillance, deterrence, evidentiary archives ***Detective device used to aid in the detecting the presence of intruders in restricted areas. ***Violates privacy - may require employee consent CRT (tube cameras) – analog camera - backs up to tape; VHS Exam Warning ****Tube cameras are sometimes called CRT (cathode ray tube) cameras. Do not confuse CRT cameras with CRT displays: while a CRT camera may be viewed on a CRT display, they are different devices. CCD (Charged Couple Discharge) – digital camera - backs up to DVR/NVR (NVR has the advantage of allowing centralized storage of all video data.) CCTVs using the normal light spectrum require sufficient visibility to illuminate the field of view which is visible to the camera. - Requires 1-2 footcandles of light CCTV displays may display a fixed camera view, autoscan (show a given camera for a few seconds before moving to the next), or multiplexing (where multiple camera feeds are fed into one display). Other exam trivia: Infrared devices can see in the dark by displaying heat. Monochrome cameras can see infrared light.
CRT – contd (camera terms) Auto-iris – adjusts automatically; use in area with changing light (outdoor use) Manual –iris – fixed; use in areas with fixed lighting Depth of Field – the area of the environment in focus on the monitor; affected by: size of lens opening - increases as the size of the opening decreases ***Wide-Angle lens has small lens opening – good for general scenery/landscape distance to object – increases as distance increases focal length of the lens - increases as focal length decreases light – more light allows for a larger depth of field Aperture - the opening through which light travels (see image). Smaller aperture places more of the image in focus, wide aperture lowers depth of field – used in lower light conditions. Shadow Depth of Focus – allows for focus on smaller details shallow depth – portrait/telephoto large depth – landscape/wide-angle Field of View – entire area viewed by the camera; fixed focal length must be changed to get a different field of view Neutral Density Filter – dark focus filter – reduces light Zoom Lenses – allow for a change of angle or distance Pan/Tilt – horizontal movement/ vertical movement
Windows Polycarbonate Acrylic – more resistant to breakage than standard plate windows. Combustible, may produce toxic fumes, may be prohibited by fire code. Glass-Clad Polycarbonate – the strongest window available. Resists breakage, chemicals, fires and abrasions; comes in varying depths (the thicker the stronger) $$$$$$ Embedded Wire – 2 windows with wire between….adds strength but lacks aesthetics Tempered Glass – 5-7 times stronger than regular glass (shatters into small shards – used in cars) Bullet Resistant (BR) – used in banks. Protects up to a 9mm round Laminated Glass – adds plastic, is tough to break and shatter like a web. Comes in various depths. The greater the stronger. (used for windshields) Solar Film – blocks light but no strength Security Film – transparent film… increases strength
Doors Hollow-core door - most commonly used, easily broken Solid-core door - recommended for sensitive area such as data center… should be mounted in a strong doorframe as it is usually the weakest point in a door assembly Fail Safe – defaults to unlocked (concerned w/people; they can get out) Fail Secure – defaults to locked (concerned with data; its locked up) Fail Soft – default to either locked or unlocked – depending on the situation; may continue, but in a degraded state ****People are safe/Data is secure**** **Hinges should always face inward When referring to computer systems, also consider these terms: Failover – switches over to hot backup Fault-tolerent – continues to operate following a failure
LOCKS This is just a delay – eventually, it will get busted! Locks are pick-resistant; not pick-proof Key Lock – can be picked or bumped. Warded – uses a skeleton key (easier to circumvent than Tumbler) Pin Tumbler – locking cylinders, has more parts than warded Spring Bolt/Dead Bolt – enters into a strike plate in the door jamb Combination – always change default combination
LOCKS – contd Button/Key Pad – button wear is a vulnerability. Also subject to brute force and shoulder surfing. Preset – basic mechanical lock requiring a key Programmable – mechanical or electric; subject to shoulder surfing Electronic – uses electronic key or smart card
Cards Smart Cards - smart because they contains a circuit (ICC – Integrated Circuit Card) - digitally encoded ex: CAC cards Magnetic Stripe – the stripe stores information but there is no circuit – THESE ARE NOT SMART CARDS!! Magnetic Strip – rows of copper strips Electric Circuit – has more information than the standard smart card. Contact Cards – goes through a reader Swipe Cards – swiped through a reader Contactless Cards – use radio frequency identification (RFID) – contain transponders and are read by transceivers – wireless proximity reader Optical-Coded – laser-burned lattice of digital dots (popping up on drivers licenses) Proximity Card –either user activated or system sensing – passive, field-powered, transponder PhotID Cards are dumb cards
Cards – contd ***Use of cards adds accountability Vulnerabilities: Side Channel Attacks Card Tampering (theres a word for this, but I cant remember)
Intrusion Detection/Motion Sensors ***Intrusion Detection Systems (IDS) do not stop an intruder – they only detects the intrusion. Electromechanical system - detects change or break in a circuit; can be strips of foil embedded or connected to windows which, when broken, sounds an alarm. Vibration detectors can detect movement on walls, screens, ceilings, and floors when the fine wires embedded within the structure are broken. Magnetic contact switches - installed on windows and doors. If the contacts are separated, an alarm will sound. Balanced Magnetic Switch (BMS) – magnet on a door and frame; sounds alarm when connection is broken Pressure Pad - placed under a rug and activated after hours. If someone steps on the pad, an alarm initiates. Volumetric systems – (more sensitive than electromagnetic) - detects changes in vibration, microwave, ultrasonic frequencies, infrared..etc… (change in subtle environmental characteristics). Types of volumetric IDSs are photoelectric, acoustical-seismic, ultrasonic, and microwave
Intrusion Detection/ Motion Sensors – contd Photoelectric system (or photometric system) - detects change in a light beam; can only be used in an environment without windows; emit a beam that hits the receiver… if beam is interrupted, an alarm sounds. Beam can be invisible or visible. (Catherine Zetta Jones– Entrapment) Acoustical /Audio detection system - uses microphones to passively listen for abnormalities; susceptible to false alarms. Vibration sensors - similar to acoustical; senses vibration in walls and floors – susceptible to false alarms. Motion Activated Camera – sounds alarm when intruder enters field of view Wave-pattern motion detectors - differ in the frequency of the waves they monitor which are: microwave, ultrasonic, and low frequency. All of these devices generate a wave pattern that is sent over a sensitive area and reflected back to a receiver. If the pattern returns altered, an alarm sounds. Proximity/Capacitance detector - emits magnetic field around that which is being monitored. An alarm sounds if the field is disrupted; usually used to protect specific objects (artwork, cabinets, or a safe)
Intrusion Detection/ Motion Sensors – contd Infrared Sensors: Active Sensor ultrasonic/microwave – bounces off of an object photoelectric – sends a beam of light Passive Infrared Sensor (PIR) - detects infrared energy created by body heat; identifies the changes of heat waves of an area. Coaxial Strain-Sensitive Cable – coax is woven through fence w/ electric field (susceptible to EMI and RFI) Time Domain Reflectometry (TDR) – sends radio frequency signals on a cable Dual Technology Sensors – combination of microwave and infrared sensors; alarm sounds when BOTH detect the intrusion (reduces false alarms) Microwave and Ultrasonic – radiates controlled pattern of microwave energy and measures the echo time; establishes a baselevel and compares echo response time (it comes back faster if it hit something) Monostatic- uses single sensing unit that incorporates sending and receiving Bistatic– sends invisible volumetric detection field Behavioral-based – profile based Pattern matching – signature based
Alarms Perimeter alarms - magnetic door and window alarms as well as sensors on the wall. A break in the circuit will set off an alarm to a central alarm station. Types of alarm systems: Local System – rings bell on premise Central Station System – signal is sent to the local station Proprietary System – an in-house system; has all the bells and whistles of a 3 rd party monitoring system Auxiliary Station System – rings to local fire and police Remote Station System - An electronic fire alarm system capable of notifying the fire department when the system is activated by a fire. Other Monitoring: Line Supervision – monitors line tampering Power Supplies – monitors power
Dogs Expensive to maintain Legal issues (liability) They have a lack of judgement
Guards PROS Discernment - Able to use human judgment Multi –functional Visibility CONS Unpredictable Subject to human error Cost Availability Reliability Training
Tailgating/Piggybacking Following an authorized person through a locking device. Policy should forbid employees from allowing tailgating and security awareness efforts should describe this risk. Attackers attempting to tailgate often combine social engineering techniques, such as carrying large boxes, increasing the chances an authorized user will help out by holding the door open.
Turnstile designed to prevent tailgating by enforcing a one person per authentication rule, just as they do in subway systems. Secure data centers often use floor-to-ceiling turnstiles with interlocking blades to prevent an attacker from going over or under the turnstile. must be designed to allow safe egress in case of emergency. No system should require authentication for egress during emergencies. *****Turnstiles can also be called a bafflegate
Mantraps a preventive physical control with two doors. The first door must close and lock before the second door may be opened. Each door typically requires a separate form of authentication to open; a common combination is PIN (Personal Identification Number) and biometrics. The intruder is trapped between the doors after entering the mantrap. must be designed to allow safe egress in case of emergency. No system should require authentication for egress during emergencies.
Electricity Blackout: prolonged loss of power Brownout: prolonged low voltage Fault: short loss of power Surge: prolonged high voltage Spike: temporary high voltage Sag: temporary low voltage In-rush: initial surge of power Transient: short duration of noise Clean: no fluctuation; pure power Noise: steady interference Ground: the pathway to the earth to enable excessive voltage to dissipate; one wire in circuit must be grounded Power Line Monitor: detects frequency and voltage amplitude changes Regulator: keeps voltage steady, power clean
Electricity – contd Surge Protector - protect equipment from damage due to electrical surges. They contain a circuit or fuse which is tripped during a power spike or surge, shorting the power or regulating it down to acceptable levels. Uninterruptible Power Supplies (UPS) - temporary backup power in the event of a power outage. They may also clean the power, protecting against surges, spikes, and other forms of electrical faults. UPSs provide power for a limited period of time, and can be used as a bridge to generator power. Generators - designed to provide power for long periods of times, and will run as long as fuel is available. Sufficient fuel should be stored onsite for the period the generator is expected to provide power. Refueling strategies should be considered. should not be placed in areas impacted by weather events contain complex mechanics; should be tested/serviced regularly
Electricity – contd Common-Mode Noise – radiation generated by the charge difference between hot and ground wire Transverse-Mode noise – (same as above) but between hot and neutral wire RFI - Radio Frequency Interference – noise generated from radio waves EMI - Electromagnetic Interference – magnetism emitted by any electric conductor: circuits, power cables, network cables… etc.. Crosss Talk - occurs between poorly shielded network cables – impacts INTEGRITY and possibly CONFIDENTIALITY; can be mitigated via proper network cable management. Never route power cables close to network cables. Network cable choice can also lower crosstalk; Unshielded Twisted Pair (UTP) cabling is far more susceptible than Shielded Twisted Pair (STP) or coaxial cable.Unshielded Twisted PairShielded Twisted Paircoaxial Fiber optic cable uses light instead of electricity to transmit data, and is not susceptible to EMI.
Electricity – contd TEMPEST (Transient Electro-Magnetic Pulse Emanation Standards & Testing) – standard for controlling emanations emitted by electrical equipment FARADAY – (Faraday Cage) – an enclosure formed by conductive material or by a mesh of such material. The enclosure blocks out external static electricity fields. (1500 volts from a static charge can cause data loss on a disk drive.)
HVAC Latent Cooling – removes moisture Sensible Cooling – removes heat (used in a data center) Data Center humidity: 40-60% Too high: condensation Too low: static Data Center temperature: 70-74F (can be higher if there is adequate air flow) ***USE ANTI-STATIC FLOORS Positive Air Pressure - ensures higher air pressure inside than out. Air goes out the door when openned/ouside air does not come in (allows smoke to exit in the event of a fire) Positive Drain – water flows out not in.
FIRE Fire Triange: HEAT OXYGEN FUEL Reduce Temerature Reduce Oxygen Supply Reduce Fuel Supply Interfere with Chemical Reaction
Fire U.S. Class Europe Class Material Suppression Agent A A Common Water or Soda Acid Combustibles (wood and paper) B B Liquid Halon/halon substitiute, CO 2, or Soda acid B C Flammable Gases Halon/halon substitute, CO 2, or Soda acid C E Electrical Halon/halon substitiute, CO 2 D D Metals Dry powder K F Kitchen (oil or fat) Wet chemicals
Smoke Detectors Ionization – NO LIGHT; it measure particle change; radioactive source creates small electrical charge Photoelectric – BEAM OF LIGHT; contains LED (light emitting diode) (Both alert when interrupted by smoke **Neither has line of sight limitation) Aspirating – draws air into a sample chamber Flame Detectors – detects infrared or ultraviolet light emitted from a fire. **Needs line of sight Heat Sensing – measures temperature change Fixed- temperature (lower rate of false alarm Rate-of-rise Flame Sensing – senses the flicker (infrared energy of the flame) Smoke Sensing – detects smoke Automatic Dial-Up – calls fire dept. and plays a pre-recorded message
Suppression Agents Water –the safest of all suppressive agents - removes heat; recommended for CLASS A. ***Cut electrical power when extinguishing a fire with water Soda Acid (sodium bicarbonate mixed w/water - glass acid vial suspended on top) – Breaking vial creates a gas and floats on top of the fire; removes heat, starves oxygen supply; CLASS A OR B Dry Powder (such as sodium chloride) - removes heat and oxygen; smothers fire; Primarily used for CLASS D Wet Chemical (potassium acetate mixed with water) - covers a grease or oil fire in a soapy film which lowers the temperature; primarily used for CLASS K. CO 2 – RISK: is it is odorless and colorless, and our bodies will breathe it as air. By the time we begin suffocating, it is often too late. Recommended for use in unstaffed areas. Requires special training for use; additional safety controls (such as oxygen tanks) are usually recommended. Removes the oxygen. Use for CLASS B or C ***A gas mask can not be used with CO 2 – it sucks out the oxygen!! Halon – interferes with the chemical reaction; breaks the triangle - see next slide
Halon/Halon Replacements Montreal Protocol (1987) –IS Cworldwide ban of ozone depleting CFCs - amended in 1992 to establish a phase-out schedule (CARRIED OUT IN THE US AS PART OF THE CLEAN AIR ACT) Halon and Halon Substitutes – causes a chemical reaction that consumes energy and lowers the temperature Argon – IG55 FE-13 – HFC23 - the newest of these agents, and comparatively safe; can be breathed in concentrations of up to 30%. (Other types typically only safe up to 10-15% concentration.) FM-200 – HFC227 – the most commonly used Inergen – IG541 – not halocarbon agent; it is an inert gas agent CEA – 410 CEA – 308 NAS – S – III (HCFC Blend A) Argonite – IG01 Trick Question: **HFC – 22 – (R-22) – refrigerant of choice – used in heat pumps and A/C units (a bi-product of this is HFC-23)
Countdown Timer CO 2, halon, and halon substitutes such as FM- 200 are considered gas-based systems. All gas systems should use a countdown timer (both visible and audible) before gas is released. This is primarily for safety reasons, to allow personnel evacuation before release. A secondary effect is to allow personnel to stop the release in case of false alarm.
Sprinklers Wet Pipe – has water right up to the sprinkler head which contains a metal or small glass bulb designed to melt or break at a specific temperature. The bulbs come in different colors, which indicate the trigger temperature: orange (135 °F/57 °C) red (155 °F/68 °C) yellow (175 °F/79 °C) green (200 °F/93 °C) blue (286 °F/141 °C) Dry Pipe - also has a closed head, but filled with compressed air. Water is held back as long as sufficient air pressure remains in the pipes. As the sprinkler heads open, the air pressure drops allowing water to flow. Often used in areas where water may freeze, such as parking garages. Deluge - similar to dry pipes, except the sprinkler heads are open and much larger. The pipes are empty at normal air pressure; the water is held back by a deluge valve. The valve is opened when a fire alarm triggers. Pre-Action - a combination of wet, dry, or deluge systems, and require two separate triggers to release water. Single interlock systems release water into the pipes when a fire alarm triggers. The water releases once the head opens. Used in areas such as museums, where accidental discharge would be expensive. Single interlock – releases water Double interlock - use compressed air (same as dry pipes): the water will not fill the pipes until both the fire alarm triggers and the sprinkler head opens. Used in cold areas such as freezers to avoid frozen pipes. Gas Discharge – usually installed under floor boards to smother a fire
Fire Extinguisher All portable fire extinguishers should be marked with the type of fire they are designed to extinguish. Portable extinguishers should be small enough to be operated by any personnel who may need to use one. This means those old brass monster extinguishers are not a recommended control. Use the PASS method to extinguish a fire with a portable fire extinguisher: Pull the pin Aim low Squeeze the pin Sweep the fire
Evacuation Safety Warden – ensures everyone is evacuated from the building Meeting Point Leader – ensures everyone is accounted for Emergency Procedure should include: Shutdown procedure Evacuation procedure Employee Training/Drills Equipment and System tesing
Fire Misc. Computer Systems are 175F Magnetc Storage is 100F Paper is 350F Noncombustible – will not aid or add appreciable heat to an ambient flame Fire Retardent – lessens or prevents the spread of a fire Non-flammable – will not burn Fire Resistant – applicable for use in a computer room Plenum Areas - wiring and cables should be strung in spaces above dropped ceilings, in wall cavities, and the space under raised floors. Only plenum-rated cabling should be used in plenum areas, which is cabling that is made out of material that does not let off hazardous gases if it burns. Plenum Cables – do not release hazardous gass when burned.
Media Handling Store media offsite. Use bonded/insured companies Site should be reasonable distance (accessible, but not subject to the same natural disasters) Media should be securely cleaned/destroyed before disposal – AVOID OBJECT REUSE (also a target of dumpster-diving)
Data Removal Remanence – remnants of data left behind – data is still there (deleting files or formatting a hard disk) Overwriting – writes over previous data – more secure than deleting of reformatting – less secure than destruction Degausing – destroys the integrity by exposure to a magnetic field (disks can usually no longer be formatted) Oersted - A unit of magnetic intensity equal to the intensity of a magnetic field in a vacuum. Coercivity - The amount of applied magnetic field (of opposite polarity) required to reduce magnetic induction to zero. The ease (or difficulty) by which magnetic media can be demagnetized. A tape with a rating of 1800 oersteds or higher will also be called a high coercivity tape.