PHYSICAL SECURITY

About This Presentation

Title:

Description:

Number of Views:116

Avg rating:3.0/5.0

Slides: 21

Provided by: seans1

Learn more at: http://www.cs.fsu.edu

Category:

Tags: physical | security | laptops

Transcript and Presenter's Notes

Title: PHYSICAL SECURITY

1
PHYSICAL SECURITY
Attacker
2
Physical Security

Not all attacks on your organization's data come
across the network.
Many companies focus on an iron-clad network
security, but that does not protect them from
physical assault or theft of data.

3
Physical Security

An example of this would be the recent identity
theft incident at the Department of Veterans
Affairs, which began with the theft of a company
laptop.

4
Physical Security

Increased importance
Given the trend toward smaller, more lightweight
PC components, physical security is growing
increasingly important.
Its important to implement a physical access
control program in a company and strictly enforce
the measures.

5
Physical Security

6
Physical Security

Impact of an attack
These attackers can often cause systems to fail,
and they can compromise password-protected
computers by using a removable hard drive to gain
access.
Attackers can directly access networks by adding
or rearranging the connections, and they can
easily steal physical objects if they're already
on the inside.

7
Physical Security

8
Physical Security

9
Physical Security
Armed Guards and Bulldogs are a good way to keep
out attackers.
10
Physical Security

Preventing attackers from within
Ex Disgruntled or greedy employers or
contactors.
Its important to implement a physical access
control program in a company and strictly enforce
the measures.
If an attacker has physical access to a system
they can wreak havoc.

11
Physical Security

Guidelines for restricting personal access
Create a badge program that includes an employee
picture and possibly color-code specific areas of
access.
Make it a policy to question anyone who doesn't
have a visible ID badge.
Escort, observe, and supervise guests for their
entire visit.

12
Physical Security

Guidelines for restricting personal access
Don't allow anyone including vendors,
salespeople, etc. to connect personal laptops
(or any other computing device) to the network.
Don't allow anyone to add hardware or software to
computers without proper authorization.
0
Watch out for "tailgaters." These people wait for
someone with access to enter a controlled area
(such as one with a locked door) and then follow
the authorized person through the door.
Tailgaters enter without using their own key,
card key, or lock combination.

13
Physical SecurityEnforcement
14
Physical Security

Guidelines for protecting information and
equipment access
Place monitors and printers away from windows and
areas where unauthorized persons could easily
observe them.
Shred or otherwise destroy all sensitive
information and media when it's no longer
necessary.
Don't leave documents unattended at fax machines
or printers.
Require all users to log off or power down
workstations at the end of the working day.

15
Physical Security

Guidelines for protecting information and
equipment access
Lock up portable equipment (e.g., laptops, PDAs,
media, memory sticks) out of sight in a safe
storage place overnight.
Don't allow the removal of computers or storage
media from the work area or facility without
ensuring that the person removing it has
authorization and a valid reason.
Provide locks or cables to prevent theft, and
lock computer cases.

16
Physical Security
17
Physical Security

18
Physical Security

Strong Rooms / Server Room
This hardware contains highly sensitive
information and access privileges that affect a
companys data system.
Only a select few administrators should have
access to this room.

19
Physical Security

Strong Rooms / Server Room
The room should have increased security
mechanisms to prevent unauthorized entry.
There should be camera/personnel surveillance on
the entrance to ensure security.

20
Physical SecurityEnforcement

Write a Comment

User Comments (0)