Chapter 10 Physical Security

1 Chapter 10 Physical Security
BIS 4113/6113
“Physical controls are your first line of defense, and people are your last.” (p.386)

2 Physical Security? How does it relate to our class?
- AMRC Server missing
- Dell Optiplex GX-620, used for backup
- Patient, financial information
- Noticed when queries were being ignored

3 Cause & Effect
- Anatomy of physical breach
- C I Host Inc.
- Unlocked entrances
- Guard not at post
- Physical attack on data center worker (!)
- $100,000 of equipment stolen

4 YouTube video CBS NEWS Investigation

5 How far does your responsibility go?
- Dept of Veterans’ Affairs, 2006
- 2009 Audit of VA contracts
  - 6000 of 22K contracts did not include infosec clauses
  - 578 contractors refused to sign
- 2010: Two laptops stolen from VA contractors
  - 1500 veterans’ records exposed
- 2010: Blue Cross Blue Shield of TN
  - Theft of hard drives from abandoned office building
  - Up to 220,000 customers’ identities compromised
  - Up to $7M spent in response

6 Common Physical Threats
- Fire/smoke
- Water (rising/falling)
- Earth movement
- Storms
- Sabotage/vandalism
- Explosions
- Building collapse
- Toxic materials
- Utility loss
- Equipment failure
- Personnel loss (strikes, illness, transport, etc.)

7 Planning Physical Security (p.390)
- Deterrence
- Denial
- Detection
- Delay

8 3 Levels of Security Controls
Administrative
- Site selection
- Environmental dangers
- Proximity to resource/emergency facilities
- Facility Design
- Work areas
- Server rooms
- Appropriate partitioning
- Visitation

9 3 Levels of Security Controls
Physical
- Fences, gates, turnstiles, mantraps
- Appropriate lighting
- Guards & dogs
- Motion detectors
- CCTV
- Intrusion alarms

10 3 Levels of Security Controls
Technical
- Smart cards
- RFID readers
- Physical IDS
- Emanation security

11 Special Considerations
- Server Rooms (p.393)
  - One hour minimum fire rating
  - Halon suppression
- Data Centers (p.396)
  - Means of access (smartcards, proximity readers)
  - Two-factor authentication

12 Power Issues
- Fault (temporary loss)
- Blackout (complete loss)
- Undervoltage (sag, brownout)
- Overvoltage (spike, surge)
- Interference (noise)
- UPS
- Clean power

13 Equipment Failure (p.390)
- Costs
  - Storage, transportation, installation, restoration
- Other metrics
  - MTTF (Mean Time to Failure)
  - MTTR (Mean Time to Repair)
- Waiting for complete failure before replacement: Bad

