PHYSICAL SECURITY - PowerPoint PPT Presentation

About This Presentation
Title:

PHYSICAL SECURITY

Description:

... etc. to connect personal laptops (or any other computing device) ... Lock up portable equipment (e.g., laptops, PDAs, media, memory sticks) out of ... – PowerPoint PPT presentation

Number of Views:116
Avg rating:3.0/5.0
Slides: 21
Provided by: seans1
Learn more at: http://www.cs.fsu.edu
Category:

less

Transcript and Presenter's Notes

Title: PHYSICAL SECURITY


1
PHYSICAL SECURITY
Attacker
2
Physical Security
  • Not all attacks on your organization's data come
    across the network.
  • Many companies focus on an iron-clad network
    security, but that does not protect them from
    physical assault or theft of data.

3
Physical Security
  • An example of this would be the recent identity
    theft incident at the Department of Veterans
    Affairs, which began with the theft of a company
    laptop.

4
Physical Security
  • Increased importance
  • Given the trend toward smaller, more lightweight
    PC components, physical security is growing
    increasingly important.
  • Its important to implement a physical access
    control program in a company and strictly enforce
    the measures.

5
Physical Security
  • Attackers Two Categories
  • Outside the company
  • From within the company

6
Physical Security
  • Impact of an attack
  • These attackers can often cause systems to fail,
    and they can compromise password-protected
    computers by using a removable hard drive to gain
    access.
  • Attackers can directly access networks by adding
    or rearranging the connections, and they can
    easily steal physical objects if they're already
    on the inside.

7
Physical Security
  • Preventing Outside attackers
  • a. Natural barriers landscape and terrain
  • b.  Fencing type and construction
  • c.  Walls and ceiling construction high risk
    areas
  • d.  Gate facilities security checkpoints

8
Physical Security
  • Preventing Outside attackers
  • e.   Frequency of patrols and security checks
  • f.   Door and window locations and security
    devices used
  • g.  Reception areas location and control of
    entry
  • h.  Employee surveillance and vigilance
  • i.   Parking areas entrance/exit, access to
    facility

9
Physical Security
Armed Guards and Bulldogs are a good way to keep
out attackers.
10
Physical Security
  • Preventing attackers from within
  • Ex Disgruntled or greedy employers or
    contactors.
  • Its important to implement a physical access
    control program in a company and strictly enforce
    the measures.
  • If an attacker has physical access to a system
    they can wreak havoc.

11
Physical Security
  • Guidelines for restricting personal access
  • Create a badge program that includes an employee
    picture and possibly color-code specific areas of
    access.
  • Make it a policy to question anyone who doesn't
    have a visible ID badge.
  • Escort, observe, and supervise guests for their
    entire visit.

12
Physical Security
  • Guidelines for restricting personal access
  • Don't allow anyone including vendors,
    salespeople, etc. to connect personal laptops
    (or any other computing device) to the network.
  • Don't allow anyone to add hardware or software to
    computers without proper authorization.
  • 0
  • Watch out for "tailgaters." These people wait for
    someone with access to enter a controlled area
    (such as one with a locked door) and then follow
    the authorized person through the door.
    Tailgaters enter without using their own key,
    card key, or lock combination.

13
Physical SecurityEnforcement
14
Physical Security
  • Guidelines for protecting information and
    equipment access
  • Place monitors and printers away from windows and
    areas where unauthorized persons could easily
    observe them.
  • Shred or otherwise destroy all sensitive
    information and media when it's no longer
    necessary.
  • Don't leave documents unattended at fax machines
    or printers.
  • Require all users to log off or power down
    workstations at the end of the working day.

15
Physical Security
  • Guidelines for protecting information and
    equipment access
  • Lock up portable equipment (e.g., laptops, PDAs,
    media, memory sticks) out of sight in a safe
    storage place overnight.
  • Don't allow the removal of computers or storage
    media from the work area or facility without
    ensuring that the person removing it has
    authorization and a valid reason.
  • Provide locks or cables to prevent theft, and
    lock computer cases.

16
Physical Security
17
Physical Security
  • Strong Room

18
Physical Security
  • Strong Rooms / Server Room
  • This hardware contains highly sensitive
    information and access privileges that affect a
    companys data system.
  • Only a select few administrators should have
    access to this room.

19
Physical Security
  • Strong Rooms / Server Room
  • The room should have increased security
    mechanisms to prevent unauthorized entry.
  • There should be camera/personnel surveillance on
    the entrance to ensure security.

20
Physical SecurityEnforcement
Write a Comment
User Comments (0)
About PowerShow.com