Dr. Bhavani Thuraisingham The University of Texas at Dallas (UTD) June 2011 Physical (Environmental) Security.

Presentation transcript:

Dr. Bhavani Thuraisingham The University of Texas at Dallas (UTD) June 2011 Physical (Environmental) Security

Domain Agenda
Site and Facility Design Criteria
Perimeter Security
Building and Inside Security
Secure Operational Area

Site Location Considerations
Emergency services
Hazards / threats
Adjacency

Threats to Physical Security
Natural / environmental
Utility systems
Human-made / political events

Threat Sources and Controls
Threat | Controls
Theft | Locks
Espionage | Background checks
Dumpster diving | Disposal procedures
Social engineering | Awareness
Shoulder surfing | Screen filters
HVAC access | Motion sensors in ventilation ducts

Domain Agenda
Site and Facility Design Criteria
Perimeter Security
Building and Inside Security
Secure Operational Area

Perimeter and Building Boundary Protections
First line of defense
Protective barriers
– Natural
– Structural

Fences
Federal, state or local codes may apply
Parking should not be allowed near fences

Controlled Access Points
Gates are the minimum necessary layer
Bollards

Perimeter Intrusion Detection Systems
Detect unauthorized access into an area
– Electronic ‘eyes’
Note that some perimeter IDSs can function inside the perimeter as well.

Types of Lighting
Continuous lighting
Trip lighting
Standby lighting
Emergency exit lighting
Emergency egress lighting

Access and Visitor Logs and More Rigorous Forms of Logging
ABC Company
Entrance: ___________________ Date: ________________
Name | Institution | Name of Person Visiting | Time In | Time Out

Closed Circuit Television (CCTV)
CCTV Capability Requirements
– Detection
– Recognition
– Identification
Mixing Capabilities
Virtual CCTV Systems

Guards and Guard Stations
Guards
– Deterrent
– Possible liability
Guard stations

Domain Agenda
Site and Facility Design Criteria
Perimeter Security
Building and Inside Security
Secure Operational Area

Doors
Isolation of critical areas
Lighting of doorways
Contact devices
Guidelines

Building Entry Point Protection
Locks
Lock components
– Body
– Strike
– Strike plates
– Key
– Cylinder

Types of Locks
Something you have – Keyed
Something you know – Combinations
Something you are – Biometric

Lock Attacks
Lock picking
Lock bumping

Lock Controls
Lock and key control system
Key control procedures
Change combinations
Fail
– Soft
– Secure
– Safe

Other Electronic Physical Controls
Card access
Biometric access methods

Windows and Entry Points
Standard plate glass
Tempered glass
Acrylic materials
Polycarbonate windows
Entry points

Intrusion Detection Systems (IDS)
Closed circuit television
Sensors and monitors

Escorts and Visitor Control
Visitor access control best practices
– Picture identity
– Photographs
– Enclosed area
– Authorized escort

Access Logs
Computerized log
Closed circuit TV

Domain Agenda
Site and Facility Design Criteria
Perimeter Security
Building and Inside Security
Secure Operational Area

Equipment Room
Perimeter enclosure
Controls
Policy

Data Processing Facility
Small devices threat
Server room
Mainframes
Storage

Communications and Power
Wireless access points
Network access control
Utility and power rooms

Work Area
Operators
System administrators
Restricted work areas

Equipment Protection
Inventory
Locks and tracing equipment
Data encryption
Disabling I/O ports

Environmental Controls
System | Threat
Electric power | Loss of power
HVAC | Overheating
Water / plumbing | Flood / dripping
Gas | Explosion
Refrigeration | Leakage

Fire Protection
Prevention – reduce causes
Detection – alert occupants
Suppression – contain or extinguish

Materials and Suppression Agents
Type | Suppression Agents
Common combustibles | Water, foam, dry chemicals
Combustible liquids | Inert gas, CO2, foam, dry chemicals
Electrical | Inert gas, CO2, dry chemicals
Combustible metals | Dry powders
Cooking media (fats) | Wet chemicals

Flooding Area Coverage
Water – sprinkler systems
Gas – Halon/CO2/Argon systems
Best practices for systems
Portable extinguishers

Types of Electrical Power Faults
Complete loss of power
Power degradation
Interference (noise)
Grounding

Loss of Electrical Power
UPS
Generators
Goals of power
Power controls

Heating, Ventilation and Air Conditioning (HVAC)
Location
Positive pressure
Maintenance

Other Infrastructure Threats
Gas leakage
Water threats

Key Performance Indicators
# of physical security incidents detected
# of false positives for biometrics