Presentation is loading. Please wait.

Presentation is loading. Please wait.

Donald Hester March 29, 2011 For audio call Toll Free 1 - 888-886-3951 and use PIN/code 661899.

Similar presentations

Presentation on theme: "Donald Hester March 29, 2011 For audio call Toll Free 1 - 888-886-3951 and use PIN/code 661899."— Presentation transcript:


2 Donald Hester March 29, 2011 For audio call Toll Free 1 - 888-886-3951 and use PIN/code 661899

3 Maximize your CCC Confer window. Phone audio will be in presenter-only mode. Ask questions and make comments using the chat window. Housekeeping

4 Adjusting Audio 1)If youre listening on your computer, adjust your volume using the speaker slider. 2)If youre listening over the phone, click on phone headset. Do not listen on both computer and phone.

5 Saving Files & Open/close Captions 1.Save chat window with floppy disc icon 2.Open/close captioning window with CC icon

6 Emoticons and Polling 1)Raise hand and Emoticons 2)Polling options

7 Donald Hester

8 Introduction Topics Covered Physical security of information systems Environmental protection of information system (Not the green type) Some life safety issues

9 Heat (internal and external) Water (leak, flood, weather) Theft Power (loss or spike) Fire (smoke) Natural disaster (earthquake, tornado etc..) Man made disaster (chemical spill) Loss of life 8

10 Start at the top: The organization understand the importance and will to commit need resources Policy should: Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance 9

11 Designate sensitive verses publicly accessible areas List of authorized personnel To access sensitive areas Review the list regularly To make sure you remove anyone who no longer needs access 10

12 Selecting Internal areas that need more control Determine what assets require extra security Control access of customers (students) Restrict computer access or LAN access from lobbies

13 Enforce access authorizations Verify access authorization before granting access Control entry Control publicly accessible areas in accordance with risk Secure keys, combinations, passwords, PINs, and other physical devices 12


15 Secure keys, combinations, passwords, PINs, and other physical devices Key log (who has the keys) Rekey (when a key is lost) Recovery (get keys back) Change combination (like password) Important events Someone is terminated or leaves Lost or compromised 14

16 Doors No more than two doors Locks, or electronic door locks Strike-plates on doors Tamper-resistant hinges on doors Resistant to forcible entry Fire rated doors and walls Internal windows should be small and shatter or bullet proof 15

17 Control access to the cables used for communication Ethernet Telecom Wiring closets Spare jacks Conduit or cable trays 16

18 What output devices need control? Printers Monitors Audio devices For example HR prints to a printer no one can simple walk by and pick up the print out (restricted area) Same with finance and transcripts Protect from theft 17

19 Monitor physical access CCTV especially in cash collection sites Log access Access control devices can log who gained access Netbotz (example not an endorsement) Detect and respond to incidents 18

20 Closed-circuit TV Wired or wireless Simplest camera connected to TV monitor More complex can detect, recognize, or identify Smart CCTV – facial recognition technology Purpose to detect & deter also used in investigations

21 Security Applications Safety Applications Management Tool Investigation Tool

22 Contractors and employees access to restricted areas Monitor visitor activity Sign in Check ID Did you know they were coming? Appointment only 21

23 Keep records Review records Records should include: Name/organization of the person visiting Signature of the visitor Form(s) of identification Date of access, time of entry and departure Purpose of visit name/organization of person visited 22

24 Concern is loss of power resulting in down time Protect power equipment Access control to sub panels Fire code issues Protect power cables Redundant or parallel power cables 23

25 Power switch to turn off all system Life safety issue Server rooms can be equipped with a switch that will turn off all equipment included those on battery backup Place switch in a accessible location Protect switch from accidental activation 24

26 Provide a short-term uninterruptible power supply to facilitate an orderly shutdown of the information system in the event of a primary power source loss UPS for short time periods What is your current UPS rated for? Is that enough time for a orderly shutdown? Have you check the battery life lately? 25

27 Provide a long-term alternate power supply for the information system that is capable of maintaining minimally required operational capability in the event of an extended loss of the primary power source Power generator How important is uptime? How reliable is the power grid? 26

28 Employ and maintains automatic emergency lighting Life safety issue again Typically lights are in common areas and not always in a server room Typically handled by facilities personnel 27

29 Fire suppression and detection devices/systems Fire Prevention Fire Detection Fire Alarm Fire Suppression Fire Drills 28

30 Fire suppression devices/systems Should have an independent power source Properly rated fire extinguisher Sprinklers, dry pipe best Should have automatic shut down of servers Halon FM-200 (or FE-227), FE-13, FE-25, Novec-1230, inert gas systems like Argonite, Inergen or CO2 Toxic fumes from burning plastic 29

31 30

32 Maintains temperature and humidity levels Monitors temperature and humidity levels Maintain a constant temperature be between 70-74F (21-23C) Maintain a constant humidity between 45-60% High humidity causes corrosion and low humidity causes static electricity. 31

33 Positive air pressure Air flow out of the room Limits dust getting in Protected air vents Possible entry point Filtered air Dust reduces heat transfer and can cause heat damage to circuits Redundant HVAC systems 32

34 Protects the information system from damage resulting from water leakage Master shutoff valves Accessible Working Known by key personnel Not just for the server room, wire closets Positive flow water drains Protect from the risk of flooding 33

35 Authorizes, monitors, and controls computer equipment entering or exiting the facility Record of those items Theft is the big issues here 34

36 Part of Business Continuity Planning Consider physical and environment controls in alternate work site 35

37 Position information system components within the facility to minimize potential damage from physical and environmental hazards and to minimize the opportunity for unauthorized access Where is the best place in your facility for a server room? External issues? Proximity of emergency services Offsite hazards 36

38 Avoid the basement Avoid the top floor Avoid the first floor Avoid be located near stairs, bathrooms, water pipes, elevators or EMI emissions Avoid locating it on an external wall Avoid external windows and doors 37

39 Plenum space Requires plenum cabling Raised false floors Access to & protect cabling Drop ceilings can give access to server rooms Walls should extend beyond any false or drop ceilings Security Mesh to help stop break-ins through gypsum walls 38

40 Site Location (Site Survey) Proximity to emergency services Flood zones, types of natural events, e.g. earthquake, hurricane, tornado Proximity to hazardous materials, e.g. next to a oil refinery, train tracks Redundant roads or ways in to the area Crime rates for the area



43 Crime Prevention Through Environmental Design (CPTED) The building and facilities (campus) are designed in such a way as to limit or deter crime. Parking lots & lighting Perimeter lighting Perimeter security Landscaping Barriers (bollards) 42

44 Tempest Protect the information system from information leakage due to electromagnetic signals emanations 43

45 Shielding from: Electromagnetic interference (EMI) Radio frequency interference (RFI) Shielded cabling, room Electrostatic discharge (ESD) Anti-static flooring Anti-static wrist strap 44

46 For life safety Clearly mark exits for life safety Clearly mark locations of fire extinguishers Clearly mark shutoff switches and valves For theft Signs create a psychological barrier Asset tag equipment for possible recovery 45

47 A Communication systems design to alert, warn or notify a receiver of an event or danger. Made up of 3 parts, sensor (detector) that detects the condition, and alarm system circuit to transmit the information to an annunciator (signal, alarm) Standards UL, ISO and IEEE

48 Consider security before returning a failed hard drive Data remanence Software Data removers Degauss Shredding Incinerators

49 Not illegal Industrial espionage Some consider it a hobby Can find private, confidential information on paper or media or computers

50 49

51 Netbotz (now owned by APC) IT WatchDogs APC SynapSense 50

52 Donald E. Hester CISSP, CISA, CAP, MCT, MCITP, MCTS, MCSE Security, Security+, CTT+ Director, Maze & Associates University of San Francisco / San Diego City College / Los Positas College | | | Q&A

53 Evaluation Survey Link Help us improve our seminars by filing out a short online evaluation survey at:

54 Thanks for attending For upcoming events and links to recently archived seminars, check the @ONE Web site at:

Download ppt "Donald Hester March 29, 2011 For audio call Toll Free 1 - 888-886-3951 and use PIN/code 661899."

Similar presentations

Ads by Google