Physical Security and Contingency Planning CS432 - Security in Computing Copyright © 2008 by Scott Orr and the Trustees of Indiana University.


1 Physical Security and Contingency Planning CS432 - Security in Computing Copyright © 2008 by Scott Orr and the Trustees of Indiana University

2 Section Overview
- Environmental Threats
- Accidents
- Physical Access and Threats
- Backups

3 References
- Security in Computing, 4th Ed.
- Chapter 8 (pg. 556-566)

4 Physical Security Concerns
- Environmental
- Accidents
- Physical Access
- Vandalism
- Theft
- Eavesdropping
- Unattended Workstations

5 Environmental Threats
- Fire
- Heat/Water (sprinkler) damage
- Halon/CO2/Argon extinguishers
- Have a Plan!
- Smoke/Dust
- Abrasive to components
- Smoke-free environments
- Smoke alarms
- Keep system ventilation ducts open and clean

6 Environmental Threats (Cont'd)
- Earthquakes
- Avoid putting systems on high surfaces
- Place systems away from bookcases, etc.
- Vibrations
- Dampen with rubber/foam mats
- Explosions
- Temperature Extremes
- Bugs/Rodents

7 Environmental Threats (Cont'd)
- Electricity
- Line noise: Surge suppressors
- Lightning: Unplug if possible
- Outages: UPS short-term solution
- Humidity
- Too little: Static electricity
- Too much: Condensation on circuitry
- Water: Auto shutdown on signal from sensor

8 Accidents
- Food and drink on system components
- Can be prevented
- Don’t allow food/drink near systems
- Educate users
- Practice what you preach!!!

9 Physical Access
- Doors/Windows
- Locks
- Key Cards, RFID, Biometrics, etc.
- Raised Floors/Drop Ceilings
- Air Ducts
- Many small vents
- Screens
- Glass Walls

10 Vandalism Targets
- System components
- System ventilation holes
- Network cables
- Difficult to find/fix
- Protected conduits
- Network connectors/jacks

11 Theft
- RAM/Processors
- Hard Drives/Removable Media
- Lost/Exposed Data
- Encryption
- Storage Disposal
- Laptops/PDAs/Phones
- Easily Stolen
- Encryption Concerns
- Backup Media

12 Eavesdropping
- Wiretapping
- Network Hubs
- Wire Splicing
- Induction Loops
- Open Network Access
- Unused Office Data Jacks
- Rogue Wireless Access Points
- Hardware Keyloggers
- Van Eck Radiation - Tempest

13 Unattended Workstations
- Full access to user’s files and resources
- User-based protective measures
- Education
- Screen locking
- Keyboard locking
- Automatic idle time logout
- BIOS passwords

14 Contingency Planning
- Backups
- Network Storage
- Remote Facilities
- Cold Sites
- Hot Sites
- Formal Plan and Testing

15 Backups!!!
- Full versus incremental
- Backup verification
- Storage
- Onsite
- Offsite
- Tape erasing
- Backup Encryption

